Syslog configuration on RedHat

Search another article?

Syslog configuration on RedHat

You are here:
< Back

On linux environment is not necessary to install a specific agent to send log to SGBox. The syslog protocol will be used.
If not already present, install rsyslog packet.

yum -y install rsyslog

Edit “rsyslog.cong” file

vi /etc/rsyslog.conf

Add the following row in order to send only authentication logs. Is possible use the IP or the hostname of SGBox

auth,authpriv.* @SGBox-IP

Alternatively, you can add the following row if you want send all logs to SGBox. It will be useful for a in-depth research.

*.* @SGBox-IP

Restart rsyslog deamon to load the new configuration and start to send logs

systemctl restart rsyslog.service