CentOS

How to Set up a Syslog Server in CentOS 8

A server known as Syslog (System Logging Protocol) connects and works on different servers. It was started in the 1980s, while Rsyslog was started in 2004. The Syslog agents can be utilized in various contexts for the transmission of information messages. It can control all the servers from the same system and solve the problem from Syslog without going to anyone’s server. So if you want to set up a Syslog Server in CentOS 8 easily, read our post thoroughly.

How to Set up a Syslog Server in CentOS 8

  • Syslog is useful for tracking information in network equipment, such as servers, firewalls, and routers.
  • In Syslog, in the event of a crash in the remote server, people do not have to worry about losing data because they are available on Syslog.
  • In the new server, Syslog has to be managed by Rsyslog, and this aspect makes it easy to work.
  • Syslog is a major server sd, and all the servers are internally controlled and used by Rsyslog even after being remote in Syslog.
  • Windows-based servers do not support Syslog directly but are supported by third parties.

To install Rsyslog, use the following command:

systemctl start rsyslog.service

If the service is not running correctly or if Rsyslog is not, use the following command:

dnf install rsyslog"

After this, we will start the service by giving the command:

systemctl start rsyslog.service

Now, to make Rsyslog a centralized service, use the command:

vi /etc/rsyslog.conf

In this step, “module(load=”imudp”) # requires setting up Rsyslog server in UDP by port 514, so use this command:

input(type="imudp" port="514")

In “module(load=”imtcp”) # use the following command for accessing TCP Rsyslog:

input(type="imtcp" port="514")

After this, to restart the service, use the command provided:

service rsyslog restart

The next form is the log server to act as a centralized log server and record in Syslog as soon as it starts. To confirm this, use the command:

netstat -tulpn | grep rsyslog

Also, if it doesn’t have NetStart installed, then install it through this command:

dnf whatprovides netstat

and

"dnf install net-tools".

Now, if the SEmanage command is not activated, you have to provide this command:

dnf whatprovides semanage
dnf install policycoreutils-python-utils

This will activate SELinux. To allow Rsyslog traffic when SELinux is enabled, use the following command:

semanage port -a -t syslogd_port_t -p udp 514 (in UDP)
semanage port -a -t syslogd_port_t -p tcp 514 (in TCP)

If the server has a firewall enabled, then use these commands for the firewall port permission:

firewall-cmd --permanent --add-port=514/udp (in UDP)
"firewall-cmd --permanent --add-port=514/tcp (in TCP)

Also, you can use this command:

firewall-cmd --reload

Conclusion

This article has provided every possible way to set up the Syslog server. The Syslog server is beneficial in tracking information and connecting different servers. We hope you found this article useful. Please let us know if you have any questions.

About the author

Ankit Sharma