Rsyslog+H3C日志系统
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Rsyslog+H3C日志系统相关的知识,希望对你有一定的参考价值。
一、交换机发送日志到linux主机
[9F-3600V2-EI]info-center loghost 192.168.11.36
[9F-3600V2-EI]info-center enable
二、linux下配置
1.建立日志文件路径,路径可以修改
[[email protected] h3c]# mkdir /var/log/h3c
[[email protected] h3c]#touch /var/log/h3c/log
[[email protected] h3c]#vim /etc/rsyslog.conf 修改配置文件
# rsyslog v5 configuration file
# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html
#### MODULES ####
#$ModLoad immark # provides --MARK-- message capability
# Provides UDP syslog reception #############去掉#号########################
$ModLoad imudp
$UDPServerRun 514
# Provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
#### GLOBAL DIRECTIVES ####
# not useful and an extreme performance hit
#$ActionFileEnableSync on
$IncludeConfig /etc/rsyslog.d/*.conf
#### RULES ####
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
authpriv.* /var/log/secure
# Log all the mail messages in one place.
# Log cron stuff
cron.* /var/log/cron
# Everybody gets emergency messages
*.emerg *
# Save boot messages also to boot.log
# ### begin forwarding rule ###
# The statement between the begin ... end define a SINGLE forwarding
# rule. They belong together, do NOT split them. If you create multiple
# forwarding rules, duplicate the whole block!
# Remote Logging (we use TCP for reliable delivery)
#
# An on-disk queue is created for this action. If the remote host is
# down, messages are spooled to disk and sent when it is up again.
#$WorkDirectory /var/lib/rsyslog # where to place spool files
#$ActionQueueFileName fwdRule1 # unique name prefix for spool files
#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)
#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
#$ActionQueueType LinkedList # run asynchronously
#$ActionResumeRetryCount -1 # infinite retries if host is down
# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
#*.* @@remote-host:514
# ### end of the forwarding rule ###
###########添加内容#################################
SYSLOGD_OPTIONS="-c 2 -r -x -m 180"
KLOGD_OPTIONS="-x"
local7.info /var/log/h3c/log
#########service rsyslog status/stop/start
配置完成后,linux主机可正常接收网络设备日志
本文出自 “山猫” 博客,谢绝转载!
以上是关于Rsyslog+H3C日志系统的主要内容,如果未能解决你的问题,请参考以下文章