Skip to main content

rsyslog file log to remote syslog

 1. rsyslog

   [file-A]     <--->    [remote rsyslog]


1) Edit conf file (The filename is your choice.)

  @: udp

  @@: tcp


/etc/rsyslog.d/01-testlog.conf

$ModLoad imfile

# Default Apache Access Log

$InputFileName /var/log/haproxy.log

#$InputFileName /var/log/httpd/access_log

#$InputFileTag httpd-access-default:

#$InputFileStateFile stat-httpd-access

#$InputFileSeverity info

$InputFileFacility local4

$InputRunFileMonitor

$InputFilePollInterval 10

local4.* @127.0.0.1:514


2) ignore local4 from /var/log/message and /var/log/syslog
  edit /etc/rsyslog.conf


Before:
*.*;auth,authpriv.none    -/var/log/syslog

After:

*.*;!(local4.*);auth,authpriv.none    -/var/log/syslog


Before:

*.=debug;\

  auth,authpriv.none;\

  news.none;mail.none -/var/log/debug

*.=info;*.=notice;*.=warn;\

  auth,authpriv.none;\

  cron,daemon.none;\

  mail,news.none    -/var/log/messages

 After:

*.=debug;\

  auth,authpriv.none;\

  news.none;mail.none -/var/log/debug

*.=info;*.=notice;*.=warn;\

  auth,authpriv.none;\

  cron,daemon.none;\

  !(local4.*);\

  mail,news.none    -/var/log/messages


2. restart rsyslog

  systemctl restart rsyslog
Labels:

Comments

Post a Comment

Popular posts from this blog

sanitize on in CMakeLists.txt

1. CMakeLists.txt set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=address") add_compile_options(-fsanitize=address) If a subdir is set with add_subdirectory and a module that does not support sanitize is imported from the path and needs to be removed, add -fno-sanitize=address to add_compile_options in CMakeLists.txt of the subdir to remove it. Basically, if you enable sanitize, sanitize will adjust ulimit's core to 0, so core will not occur. You can do this by putting the following part as an environment variable. (Below is the part you put in systemd's service) 2. service file in systemd [Service] LimitCORE=infinity Environment="ASAN_OPTIONS=handle_segv=0:handle_abort=1:abort_on_error=1:disable_coredump=0"
Post a Comment
Read more

[bash-script] get_info.sh print cpu allocation infomation of threads

1) way1 ps xH -o 'pid tid cmd comm pcpu psr' 2) way2 #!/bin/bash TMP_FILE=$(mktemp /tmp/abc-script.XXXXXX) echo ${TMP_FILE} ps xH -o 'pid tid cmd comm pcpu ' > ${TMP_FILE} function make_header() {   echo -n "$1"   echo " psr" } function make_values() {   echo -n "$1"   STATUS_FILE=/proc/${2}/task/${3}/status   if [ -f ${STATUS_FILE} ] ; then     CPU_SET=`cat ${STATUS_FILE}  |grep Cpus_allowed_list |awk ' { print $2 } '`   else     CPU_SET="None"   fi   echo " ${CPU_SET}" } let IDX=0 while IFS='' read -r line || [[ -n "$line" ]]; do    LINE_SEP=( $line )    MY_PID=${LINE_SEP[0]}    MY_TID=${LINE_SEP[1]}    if [ ${IDX} -eq 0 ]; then      SZ_HEADER=`make_header "$line"`      echo ${SZ_HEADER}    else      SZ_VALUES=`make_values "$line" ${MY_PID} ${MY_TID}`      echo ${SZ_VALUES}...
Post a Comment
Read more

linux file system recovery

1. broken hdd disk backup  1) remote-server nc -v -l [port] > hdd_backup.img  2) equipment of broken hdd dd if=/dev/sda | nc -v [remote-server IP] [port]   ex)  1) remote-server nc -v -l 2222 > hdd_backup.img  2) equipment of broken hdd dd if=/dev/sda | nc -v 1.1.1.1 2222 2. use recovery tool  testdisk (http://www.cgsecurity.org/wiki/TestDisk_Download) 3. run fsck from img file  # losetup --offset 32256 /dev/loop2 harddrive.img  # fsck /dev/loop2  and again testdisk reference: https://major.io/2010/12/14/mounting-a-raw-partition-file-made-with-dd-or-dd_rescue-in-linux/ https://bbs.archlinux.org/viewtopic.php?id=136766
Post a Comment
Read more