Keep your finger on the pulse with rsyslog and LogAnalyzer

It's easy to miss something when you need to monitor dozen of logs on different servers and some other devices. Fortunately there is a simple solution as you can use rsyslog with PostgreSQL or MySQL support to store all local and remote events on your network and then visualize results using LogAnalyzer.

Send events to the @local.rsyslog.server:

*.*    @local.rsyslog.server

Inform rsyslog to use MySQL database (after populating database):

$ModLoad ommysql.so
*.*    :ommysql:server,dbname,user,pass

Configure rsyslog to listen on udp port and accept events only from predefined hosts or networks:

$ModLoad imudp
$UDPServerRun 514

$AllowedSender UDP, 11.21.33.41, 10.5.3.0/24
Milosz Galazka's Picture

About Milosz Galazka

Milosz is a Linux Foundation Certified Engineer working for a successful Polish company as a system administrator and a long time supporter of Free Software Foundation and Debian operating system. He is also open for new opportunities and challenges.

Gdansk, Poland https://sleeplessbeastie.eu