linux 远程日志功能,Linux 配置远程日志

日志服务器上：

修改配置文件：/etc/sysconfig/syslog

原文：# Options to syslogd

# -m 0 disables 'MARK' messages.

# -r enables logging from remote machines

# -x disables DNS lookups on messages recieved with -r

# See syslogd(8) for more details

SYSLOGD_OPTIONS="-m 0 "# Options to klogd

# -2 prints all kernel oops messages twice; once for klogd to decode, and

#    once for processing with 'ksymoops'

# -x disables all klogd processing of oops messages entirely

# See klogd(8) for more details

KLOGD_OPTIONS="-x"

#

SYSLOG_UMASK=077

# set this to a umask value to use for all log files as in umask(1).

# By default, all permissions are removed for "group" and "other".

修改后：

# Options to syslogd

# -m 0 disables 'MARK' messages.

# -r enables logging from remote machines

# -x disables DNS lookups on messages recieved with -r

# See syslogd(8) for more details

SYSLOGD_OPTIONS="-m 0 -r -x"# Options to klogd

# -2 prints all kernel oops messages twice; once for klogd to decode, and

#    once for processing with 'ksymoops'

# -x disables all klogd processing of oops messages entirely

# See klogd(8) for more details

KLOGD_OPTIONS="-x"

#

SYSLOG_UMASK=077

# set this to a umask value to use for all log files as in umask(1).

# By default, all permissions are removed for "group" and "other".

客户机配置：

1. 修改配置文件：/etc/syslog.conf

原文：

# Log all kernel messages to the console.

# Logging much else clutters up the screen.

#kern.*       /dev/console

# Log anything (except mail) of level info or higher.

# Don't log private authentication messages!

*.info;mail.none;authpriv.none;cron.none  /var/log/messages

# The authpriv file has restricted access.

authpriv.*      /var/log/secure

# Log all the mail messages in one place.

mail.*       -/var/log/maillog

# Log cron stuff

cron.*       /var/log/cron

# Everybody gets emergency messages

*.emerg       *

# Save news errors of level crit and higher in a special file.

uucp,news.crit      /var/log/spooler

# Save boot messages also to boot.log

local7.*      /var/log/boot.log

修改后：

# Log all kernel messages to the console.

# Logging much else clutters up the screen.

#kern.*       /dev/console

# Log anything (except mail) of level info or higher.

# Don't log private authentication messages!

*.info;mail.none;authpriv.none;cron.none  /var/log/messages

# The authpriv file has restricted access.

authpriv.*      /var/log/secure

# Log all the mail messages in one place.

mail.*       -/var/log/maillog

# Log cron stuff

cron.*       /var/log/cron

# Everybody gets emergency messages

*.emerg       *

# Save news errors of level crit and higher in a special file.

uucp,news.crit      /var/log/spooler

# Save boot messages also to boot.log

local7.*      /var/log/boot.log

*.*                              @日志服务器ip

2. 重启syslog服务：/etc/init.d/syslog restart