• 【Rsyslog】

    一、系统信息说明

    本案例共分为2台机器,一台机器为Rsyslog服务器端,另一台机器为Rsyslog客户端。其中客户端安装的有tomcat. 通过配置,将客户端的日志发送到Rsyslog服务器端。

    #服务端IP
10.10.10.102
#客户端IP
10.10.10.103

      

    二、配置文件

    1.服务端10.10.10.102配置文件

    [root@monkey ~]# cat /etc/rsyslog.conf|grep -v '^#'|sed '/^$/d'
    $ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imjournal # provides access to the systemd journal
$ModLoad imudp
$UDPServerRun 514
$template  SpiceTmpl,"%msg:2:$%
" #定义一个模块,去掉开头的空格
$template  ChannelmanageCatalinaDynaFile,"/data/rsyslog/%fromhost-ip%/channelmanage/catalina_%$YEAR%-%$MONTH%-%$DAY%.log"
:rawmsg,contains,"catalina-10.10.10.102-8080" ?ChannelmanageCatalinaDynaFile;SpiceTmpl
$ModLoad imtcp
$InputTCPServerRun 514
$WorkDirectory /var/lib/rsyslog
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
$IncludeConfig /etc/rsyslog.d/*.conf
$OmitLocalLogging on
$IMJournalStateFile imjournal.state
*.info;mail.none;authpriv.none;cron.none                /var/log/messages
authpriv.*                                              /var/log/secure
mail.*                                                  -/var/log/maillog
cron.*                                                  /var/log/cron
*.emerg                                                 :omusrmsg:*
uucp,news.crit                                          /var/log/spooler
local7.*                                                /var/log/boot.log

     

    2.客户端10.10.10.103配置文件

    rsyslog配置文件

    [root@node1 ~]# cat /etc/rsyslog.conf|grep -v '^#'|sed '/^$/d'
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imjournal # provides access to the systemd journal
$WorkDirectory /var/lib/rsyslog
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
$template myFormat,"%timestamp% %fromhost-ip% %msg%
"
module(load="imfile" PollingInterval="5") 
input(type="imfile"
      File="/usr/local/apache-tomcat-9.0.24/logs/catalina.out"
      Tag="foobar"
      Severity="error"
      Facility="local7")
$IncludeConfig /etc/rsyslog.d/*.conf
$OmitLocalLogging on
$IMJournalStateFile imjournal.state
*.info;mail.none;authpriv.none;cron.none                /var/log/messages
authpriv.*                                              /var/log/secure
mail.*                                                  -/var/log/maillog
cron.*                                                  /var/log/cron
*.emerg                                                 :omusrmsg:*
uucp,news.crit                                          /var/log/spooler
local7.*                                                /var/log/boot.log
*.*                 @10.10.10.102:514

    tomcat安装目录:/usr/local/apache-tomcat-9.0.24

    三、测试

    在配置文件完成后,重启rsyslog服务。

    systemctl restart rsyslog
systemctl status  rsyslog

    通过查看服务器的/var/log/messages文件,可看到apache-tomcat的日志已经发送过来。
  • 相关阅读:
    用mathematica求六元一次方程组且方程个数比变量个数少一个
    abaqus学习笔记-abaqus与umat调用基本原理
    abaqus UMAT二次开发能用fortran90吗?
    vba遗传算法之非一致性突变
    学习刘伟择优excel视频
    EXCEL中R1C1样式引用
    Oracle常见问题
    Oracle数据库 —— DML完结
    Bootstrap前端框架
    Jsoup学习笔记
  • 原文地址:https://www.cnblogs.com/xialiaoliao0911/p/11555685.html
Copyright © 2020-2023  润新知