INFN wiki

User Tools

Site Tools

Trace: Rsyslog (Soluzioni)
cn:ccr:formazione:centos7:2018-11:logging-soluzioni

Table of Contents

Rsyslog (Soluzioni)

Esercizio 1

cat > /etc/rsyslog.d/esercizio-1.conf <<'EOT'
 
$template tpl01,"/var/log/%timestamp:::date-year%/%programname%/%timestamp:::date-year%-%timestamp:::date-month%-%timestamp:::date-day%.log"
*.*       ?tpl01
 
EOT
 
systemctl restart rsyslog

Esercizio 2

cat > /etc/rsyslog.d/esercizio-2.conf <<'EOT'
 
:msg, contains, "importante" /var/log/all-errors
 
*.err /var/log/all-errors
 
EOT
 
systemctl restart rsyslog
 
 
logger -p info questo_log
 
logger -p crit questo_log
 
logger -p crit importante_questo_log
 
tail /var/log/all-errors

Esercizio 3

Sul server: 

cat > /etc/rsyslog.d/esercizio-3.conf <<'EOT'
 
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
 
# Provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514
 
$template tplremote,"/var/log/%timestamp:::date-year%/%HOSTNAME%/%programname%/%timestamp:::date-year%-%timestamp:::date-month%-%timestamp:::date-day%.log"
*.*       ?tplremote
 
EOT
 
systemctl restart rsyslog
 
 
ss -lntup | grep rsyslog
 
udp    UNCONN     0      0         *:514                   *:*                   users:(("rsyslogd",pid=1139,fd=3))
udp    UNCONN     0      0        :::514                  :::*                   users:(("rsyslogd",pid=1139,fd=4))
tcp    LISTEN     0      25        *:514                   *:*                   users:(("rsyslogd",pid=1139,fd=5))
tcp    LISTEN     0      25       :::514                  :::*                   users:(("rsyslogd",pid=1139,fd=6))

Sul client: 

cat > /etc/rsyslog.d/esercizio-3.conf <<'EOT'
*.* @@DESTINAZIONE
EOT
systemctl restart rsyslog

Esercizio 4

Su server e client: 

yum install rsyslog-relp

Su server: 

cat > /etc/rsyslog.d/esercizio-4.conf <<'EOT'
$ModLoad imrelp              # Load the input module
$InputRELPServerRun 20514    # Set the port to 20514
EOT
 
systemctl restart rsyslog

Su client: 

/bin/rm /etc/rsyslog.d/esercizio-3.conf
 
cat > /etc/rsyslog.d/esercizio-4.conf <<'EOT'
$ModLoad omrelp
*.* :omrelp:DESTINAZIONE:20514;RSYSLOG_ForwardFormat
EOT
 
systemctl restart rsyslog
 
logger -p info prova

su server: 

systemctl stop rsyslog

su client: 

logger -p info prova_server_spento

su server: 

tail -f /var/log/remote &
systemctl start rsyslog

su client 

logger -p info prova_server_acceso

Esercizio 5

cat > /tmp/wall-line.sh <<'EOT'
#!/bin/bash
while read line; do
  wall "$line"
done
EOT
chmod +x /tmp/wall-line.sh
 
cat > /etc/rsyslog.d/esercizio-5.conf <<'EOT'
 
module(load="omprog")
 
if ($msg contains "mondo") then {
  action(type="omprog" binary="/tmp/wall-line.sh")
}
 
EOT
cn/ccr/formazione/centos7/2018-11/logging-soluzioni.txt · Last modified: 2018/11/28 10:24 by dmaselli@infn.it
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki