Follow the video
1.Stop firwall or add rule
To disable firewalld, run the following command as root:
systemctl disable firewalld
To stop firewalld, run the following command as root:
systemctl stop firewalld
And finally, to check the status of firewalld, run the following command as root:
systemctl status firewalld
2.Disable SELINUX gedit /etc/selinux/config
This command depned on version of rsyslog some times it will be look like below mention command if your rsyslog version is other then 7.4.7 then type proper command as per your rsyslog version.
3.mysql -u root -p < /usr/share/doc/rsyslog-7.4.7/mysql-createDB.sql
4.note : mysql -u root -p < /usr/share/doc/rsyslog-mysql-8.18.0/createDB.sql
Make sure firwall wall shoud be disabled or rule configured in firwall,SELINUX shoud be disabled
To configure RSYSLOG to output the messages to its database, we need to edit its configuration usingrsyslog.conf located in /etc/rsyslog.conf .
1.vi or gedit /etc/rsyslog.conf
Things to modify in the configuration file:
# Load the MySQL Module
module(load="ommysql")
Uncomment the below lines:
# for parameters see http://www.rsyslog.com/doc/imudp.html
module(load="imudp") # needs to be done just once
input(type="imudp" port="514")
# Provides TCP syslog reception
# for parameters see http://www.rsyslog.com/doc/imtcp.html
module(load="imtcp") # needs to be done just once
input(type="imtcp" port="514")
Add a new forwarding rule:
*.* :ommysql:127.0.0.1,Syslog,rsyslog,PasswordHere
# ### end of the forwarding rule ###
service rsyslog restart
No comments:
Post a Comment