Spread the love

Rsyslog is an open-source software utility used on UNIX and Unix-like computer systems for forwarding log messages in an IPnetwork. It implements the basic syslog protocol, extends it with content-based filtering, rich filtering capabilities, queued operations to handle offline outputs,[2] support for different module outputs,[3] flexible configuration options and adds features such as using TCP for transport.


pico /etc/rsyslog.conf


# provides UDP syslog reception
input(type="imudp" port="514")
Code language: PHP (php)


# Include all config files in /etc/rsyslog.d/
$IncludeConfig /etc/rsyslog.d/*.conf
if $fromhost-ip startswith '' then /var/log/switch-10-20-26-5.log
if $fromhost-ip startswith '' then /var/log/switch-10-20-6-12.log
if $fromhost-ip startswith '10.20.' then /var/log/switches.log
Code language: PHP (php)


/etc/init.d/rsyslog restart

Configure the remote switch maybe (like cisco sg300 or cisco 2960 or other)
with log server (the IP of your Linux machine) UDP port 514 Facility Local 7 Description if you like and minimum Severity Notice
If you want to access the logs with apache

chmod -R go+rX /var/log/
Code language: JavaScript (javascript)

Here is a simple php script for apache /home/latewebi/public_html/log.php

$output = shell_exec('tac /var/log/switches.log');
echo "<pre>$output</pre>";
Code language: HTML, XML (xml)

Leave a Reply