1
edit
Changes
→Using syslog to route log files to a remote host
===Using syslog to route log files to a remote host===
*On your host machine (f16) vm01 edit /etc/rsyslog.conf and make the following change:
#*.* @@remote-host:514
*to
*.* @@192.168.122x.xxx2:514*where xxx is the IP of vm01 f16 host (your logging machine)
*Now restart your rsyslog service (service systemctl restart rsyslog restart).service*Go back on to vm01 your f16 host and edit /etc/rsyslog.conf and make uncomment the following change:change these two lines #$ModLoad imtcp.so #$InputTCPServerRun 514*to
$ModLoad imtcp.so
$InputTCPServerRun 514
*Still on vm01f16, restart syslog. NOTE: At this point you should use iptables to open up tcp port 514 on vm01.*Now go back onto f16 on vm01 and use the logger command to verify logging messages are getting through to vm01your f16 host. Try this command
logger -p user.warn "Hello World"
*Use the command "tail /var/log/messages" on vm01 the f16 host to view the results of the previous step. *Make the needed changes to have logging of all vm's take place on your host.
==Answer the following questions and and email them to your teacher in ASCII text format==