28.3. Logging to a Remote System During the Installation
syslogoption. Specify the IP address of the logging system, and the UDP port number of the log service on that system. By default, syslog services that accept remote messages listen on UDP port 514.
192.168.1.20, enter the following at the
28.3.1. Configuring a Log Server
rsyslogto provide a syslog service. The default configuration of
rsyslogrejects messages from remote systems.
rsyslogconfiguration detailed below does not make use of any of the security measures available in
rsyslogCrackers may slow or crash systems that permit access to the logging service, by sending large quantities of false log messages. In addition, hostile users may intercept or falsify messages sent to the logging service over the network.
/etc/rsyslog.conf. You must use
rootprivileges to edit the file
/etc/rsyslog.conf. Uncomment the following lines by removing the hash preceding them:
rsyslogservice to apply the change:
su -c '/sbin/service rsyslog restart'
rootpassword when prompted.
514in the Port(s) field, and specify
udpas the Protocol.