From Fedora Project Wiki
m (rpm -q is sufficient to check installed package, no need for -i) |
m (enable and start a service in one step) |
||
Line 8: | Line 8: | ||
# Check that <code>rsyslog</code> is installed on both machines. <pre>rpm -q rsyslog</pre> | # Check that <code>rsyslog</code> is installed on both machines. <pre>rpm -q rsyslog</pre> | ||
# Check that the <code>rsyslog.service</code> is up and running. <pre>systemctl status rsyslog.service</pre> | # Check that the <code>rsyslog.service</code> is up and running. <pre>systemctl status rsyslog.service</pre> | ||
# If not, enable the service and start it. <pre>systemctl enable | # If not, enable the service and start it. <pre>systemctl enable --now rsyslog.service</pre> | ||
# On the server, edit the <code>/etc/rsyslog.conf</code> file. <pre>vi /etc/rsyslog.conf</pre> | # On the server, edit the <code>/etc/rsyslog.conf</code> file. <pre>vi /etc/rsyslog.conf</pre> | ||
# In the file, uncomment the following lines: <pre>module(load="imudp")</pre><pre>input(type="imudp" port="514")</pre> | # In the file, uncomment the following lines: <pre>module(load="imudp")</pre><pre>input(type="imudp" port="514")</pre> |
Revision as of 11:37, 13 September 2018
Description
Remote logging happens when the operating system logs events and errors to a different machine (server) over the network. This test case shows whether remote logging can be set up in a Fedora Server environment using system packages available after the installation.
Setup
- Run the default installation of Fedora Server on two different machines, either bare metal or virtual.
- When the systems are installed, check the following steps (3 and 4) on both machines.
- Check that
rsyslog
is installed on both machines.rpm -q rsyslog
- Check that the
rsyslog.service
is up and running.systemctl status rsyslog.service
- If not, enable the service and start it.
systemctl enable --now rsyslog.service
- On the server, edit the
/etc/rsyslog.conf
file.vi /etc/rsyslog.conf
- In the file, uncomment the following lines:
module(load="imudp")
input(type="imudp" port="514")
- On the server, open the UDP port 514 for incoming traffic.
firewall-cmd --permanent --add-port=514/udp
firewall-cmd --reload
- On the server, restart the
rsyslog.service
.systemctl restart rsyslog.service
- On the server, display the
/var/log/messages
so that it continues in the console.tail -f /var/log/messages
- On the client, edit the
/etc/rsyslog.conf
file.vi /etc/rsyslog.conf
- In the file, make sure, you have the following lines uncommented with proper settings included, such as
action(type="omfwd"
Target=192.168.122.201 Port="514" Protocol="udp")
- On the client, restart the
rsyslog.service
.systemctl restart rsyslog.service
How to test
- On the client, run the following command to log a testing message.
logger user.warn This is a testing machine from the client.
- On the server, check that the message appears at the end of the
/var/log/messages
file.
Expected Results
The test should be considered successful, if the following is true.
- The
rsyslog
service is installed. - If
rsyslog.service
is not running by default, it can be started without any errors. - After you edit the configuration files, the service must be restarted without any errors.
- The client sends log messages to the server which displays them in the
/var/log/messages
.
Optional
You can also try sending log messages via the tcp protocol. In that case:
- The server's
/etc/rsyslog.conf
should have different lines uncommented, i.e.module(load="imtcp")
input(type="imtcp" port="514")
- The server's firewall needs to have a tcp port 514 opened.
firewall-cmd --permanent --add-port=514/tcp
- The client's configuration has the Protocol property set to tcp.