Spread the love


I was just hanging around blogs until I cam across one nice piece of setting up centralized Logging setup.I thought to try it out of mine and here is the output:Syslog is a fantastic facility for logging on Linux machines. Lets say you have a small number of servers, and want to log them all to one central syslog server. Here we’ll describe a simple configuration.
1) Setup the syslog serverOn the system you want to use as the syslog server, edit the file /etc/sysconf/syslog, and add ‘-r’ as follows:

  1. Options to syslogd
  2. -m 0 disables ‘MARK’ messages.
  3. -r enables logging from remote machines
  4. -x disables DNS lookups on messages recieved with -r
  5. See syslogd(8) for more details


  1. Options to klogd
  2. -2 prints all kernel oops messages twice; once for klogd to decode, and
  3. once for processing with ‘ksymoops’
  4. -x disables all klogd processing of oops messages entirely
  5. See klogd(8) for more details


Initially I added -x because I thought it would use networked DNS. But as I am logging all from local servers, all of which are defined in /etc/hosts, it doesn’t actually go to the network for name lookup. And, having the name of the system in the log file is nice.

Now, restart syslog, and confirm that syslog is listening on port 514 (the syslog port):

root@ajeet:/root>/etc/init.d/syslog restart
Shutting down kernel logger: [ OK ]
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]
root@ajeet:/root>netstat -an|grep 514
udp 0 0*

2) Now, configure your client:

For simplicity, I added a line in the /etc/hosts file to add the name ‘loghost’ to the other names I am using for my logging server. This is actually beneficial – because I can move my syslog server to another host – and I only have to modify the hosts file…

Next, edit the /etc/syslog.conf file. I added 1 simple line to log all informational messages to the remote loghost:

*.info @loghost

Note: separate all columns with the tab character, not space.

Finally restart syslog on the client with /etc/init.d/syslog restart.

To test, you can use the command line logging facility called logger. On the client I type:

root@tuxbuddy:/etc>logger foobar

And on the server I see:

root@ajeet:/root>tail -f /var/log/messages

Jun 28 21:17:29 tubxuddy bemo: fooba

Hence, the centralized logging server is Ready !!!


Spread the love
Categories: Docker

Ajeet Raina

My name is Ajeet Singh Raina and I am an author of this blogging site. I am a Docker Captain, ARM Innovator & Docker Bangalore Community Leader. I bagged 2 special awards last year(2019): Firstly, “The Tip of Captain’s Hat Award” at Dockercon 2019, San Francisco, and secondly, “2019 Docker Community Award“. I run Collabnix Community Slack with over 5300+ audience . I have built popular GITHUB repositories like DockerLabs, KubeLabs, Kubetools, RedisPlanet Terraform etc. with the support of Collabnix Community. Currently working as Developer Relations Manager at Redis Labs where I help customers and community members adopt Redis. With over 12,000+ followers over LinkedIn & close to 5100+ twitter followers, I like sharing Docker and Kubernetes related content . You can follow me on Twitter(@ajeetsraina) & GitHub(@ajeetraina)


Spartherm · 11th October 2016 at 12:20 pm

whoah this weblog is magnificent i really like studying your posts. Keep up the good paintings! You already know, a lot of persons are hunting round for this info, you could help them greatly.

Kominki sopot · 13th October 2016 at 1:19 am

I really like your blog.. very nice colors & theme. Did you make this website yourself or did you hire someone to do it for you? Plz respond as I’m looking to design my own blog and would like to know where u got this from. kudos

fotbollströjor · 1st April 2017 at 4:24 pm

Its like you read my mind! You appear to know so
much about this, like you wrote the book in it or something.
I think that you could do with some pics to
drive the message home a bit, but instead of that, this
is excellent blog. An excellent read. I will definitely be back.


Leave a Reply

Your email address will not be published. Required fields are marked *