0

How can we configure the logs of rsyslog into a specific port? i have to use another Daemon which is listen to this specific port. I tried this code in configuration file. But, it not works '.@localhost:47111' and '.@127.0.0.1:47111' .The configuration file of rsyslog is as follows:

#  /etc/rsyslog.conf    Configuration file for rsyslog.
#
#           For more information see
#           /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
#
#  Default logging rules can be found in /etc/rsyslog.d/50-default.conf


#################
#### MODULES ####
#################

module(load="imuxsock") # provides support for local system logging
module(load="imklog")   # provides kernel logging support
#module(load="immark")  # provides --MARK-- message capability

# provides UDP syslog reception
#module(load="imudp")
#input(type="imudp" port="514")

# provides TCP syslog reception
#module(load="imtcp")
#input(type="imtcp" port="514")

# Enable non-kernel facility klog messages
$KLogPermitNonKernelFacility on
###########################
#### GLOBAL DIRECTIVES ####
###########################

#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

# Filter duplicated messages
$RepeatedMsgReduction on

#
# Set the default permissions for all log files.
#
$FileOwner syslog
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
$PrivDropToUser syslog
$PrivDropToGroup syslog

#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog

#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf

Thanks in advance

Nikhil S
  • 23
  • 2
  • 8

1 Answers1

1

If you are using TCP, try adding given line to config

*.* @@127.0.0.1:47111

if UDP

*.* @127.0.0.1:47111

EDIT: above process will work only for remote hosts If you want to use localhost, then add given lines in config

If TCP

$ModLoad imtcp
$InputTCPServerRun 47111

If UPP

$ModLoad imudp
$UDPServerRun 47111
Mesar ali
  • 1,832
  • 2
  • 16
  • 18
  • But, even if i tried it in the configuration file, the **netstat -tulnp | grep 47111** command not shows the port open. – Nikhil S Apr 12 '18 at 05:57
  • yeah, i restarted with the command **sudo service rsyslog restart**, and it is found that the process id is changed. – Nikhil S Apr 12 '18 at 06:36
  • It's jus a configuration to send syslogs to remote syslog server, so it'll not open any port on this system, As you are using localhost, but still you have to open port youself to receive syslogs – Mesar ali Apr 12 '18 at 06:47