1. rsyslog [file-A] <---> [remote rsyslog] 1) Edit conf file (The filename is your choice.) @: udp @@: tcp /etc/rsyslog.d/01-testlog.conf $ModLoad imfile # Default Apache Access Log $InputFileName /var/log/haproxy.log #$InputFileName /var/log/httpd/access_log #$InputFileTag httpd-access-default: #$InputFileStateFile stat-httpd-access #$InputFileSeverity info $InputFileFacility local4 $InputRunFileMonitor $InputFilePollInterval 10 local4.* @127.0.0.1:514 2) ignore local4 from /var/log/message and /var/log/syslog edit /etc/rsyslog.conf Before: *.*;auth,authpriv.none -/var/log/syslog After: *.*;!(local4.*);auth,authpriv.none -/var/log/syslog Before: *.=debug;\ auth,authpriv.none;\ news.none;mail.none -/var/log/debug *.=info;*.=notice;*.=warn;\ auth,authpriv.none;\ cron,daemon.none;\ mail,news.none -/var/log/messages After: *...