24.5. Setting Up a Host Logging Server

Hosts generate and update log files, recording their actions and problems. Collecting these log files centrally simplifies debugging.

This procedure should be used on your centralized log server. You could use a separate logging server, or use this procedure to enable host logging on the Red Hat Virtualization Manager.

Setting up a Host Logging Server

  1. Check to see if the firewall allows traffic on the UDP 514 port, and is open to syslog service traffic:

    # firewall-cmd --query-service=syslog

    If the output is no, allow traffic on the UDP 514 port with:

    # firewall-cmd --add-service=syslog --permanent
    # firewall-cmd --reload
  2. Create a new .conf file on the syslog server, for example, /etc/rsyslog.d/from_remote.conf, and add the following lines:

    template(name="DynFile" type="string" string="/var/log/%HOSTNAME%/%PROGRAMNAME%.log")
    RuleSet(name="RemoteMachine"){  action(type="omfile" dynaFile="DynFile")  }
    Module(load="imudp")
    Input(type="imudp" port="514" ruleset="RemoteMachine")
  3. Restart the rsyslog service:

    # systemctl restart rsyslog.service
  4. Log in to the hypervisor, and in the /etc/rsyslog.conf add the following line:

    *.info;mail.none;authpriv.none;cron.none @<syslog-FQDN>:514
  5. Restart the rsyslog service on the hypervisor.

    # systemctl restart rsyslog.service

Your centralized log server is now configured to receive and store the messages and secure logs from your virtualization hosts.