When you are about to deploy an application, you’ve got a lot of problems to solve.
How are you going to deal with backups, monitoring, filtering admin connections?
One of these problems concerns the management of system and application messages.
There are many available options. One of them is to use rsyslog.
With rsyslog, you can store system and application messages into local files or/and send them to a remote server according to the configuration located in the /etc/rsyslog.conf file or the /etc/rsyslog.d directory.
However, what happens if your central rsyslog server is not available because of maintenance or failure? You loose all your platform messages during this time! This is not good.
But, there is a solution: you can perfectly configure two or several remote rsyslog servers in your client configuration (still in /etc/rsyslog.conf) as follows:
# ### begin forwarding rule ### $ActionQueueFileName fwdRule1 # unique name prefix for spool files $ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) $ActionQueueSaveOnShutdown on # save messages to disk on shutdown *.* @@remote-host1:514 $ActionExecOnlyWhenPreviousIsSuspended on & @@remote-host2:514 & @@remote-host3:514 $ActionExecOnlyWhenPreviousIsSuspended off # ### end of the forwarding rule ###
Then, check the syntax:
# rsyslogd -N 1 rsyslogd: version 7.4.7, config validation run (level 1), master config /etc/rsyslog.conf rsyslogd: warning: ~ action is deprecated, consider using the 'stop' statement instead [try http://www.rsyslog.com/e/2307 ] rsyslogd: End of config validation run. Bye.
This way, all the messages go to the remote-host1 server by default. If the remote-host1 server doesn’t answer, messages are sent to the remote-host2 server, then to the remote-host3 server if the previous server doesn’t reply.
You can find all the details in the tutorial about Configuring a system to log to a remote system.
There are certainly other options but this one is pretty simple and works fine.
Note: Rsyslog was an RHCE 6 objective but doesn’t appear in the RHCE 7 objectives anymore.
Upcoming Events (Local Time) 
Loading ...
Recent Comments