准备:
两台Linux电脑
server(A):10.1.75.177
client(B):10.1.75.229
目的:
将B上的/usr/local/record目录下的所有日志数据传输到A的/var/log/mylog/xxx.log文件中
操作:
A端
1、安装rsyslog
2、配置/etc/rsyslog.conf
[root@localhost ~]# cat /etc/rsyslog.conf |egrep -v "^(#|$)"
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imjournal # provides access to the systemd journal
$ModLoad imudp
$UDPServerRun 514
$ModLoad imtcp
$InputTCPServerRun 10514
$WorkDirectory /var/lib/rsyslog
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
$IncludeConfig /etc/rsyslog.d/*.conf
$OmitLocalLogging on
$IMJournalStateFile imjournal.state
*.info;mail.none;authpriv.none;cron.none /var/log/messages
authpriv.* /var/log/secure
mail.* -/var/log/maillog
cron.* /var/log/cron
*.emerg :omusrmsg:*
uucp,news.crit /var/log/spooler
local7.* /var/log/boot.log
local0.* /var/log/mylog/slave_history_all.log
B端
1、安装rsyslog
2、配置/etc/rsyslog.conf
[root@localhost /etc]# cat /etc/rsyslog.conf |egrep -v "^(#|$)"
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imjournal # provides access to the systemd journal
$ModLoad imudp
$UDPServerRun 514
$ModLoad imtcp
$InputTCPServerRun 10514
$WorkDirectory /var/lib/rsyslog
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
$IncludeConfig /etc/rsyslog.d/*.conf
$OmitLocalLogging on
$IMJournalStateFile imjournal.state
*.info;mail.none;authpriv.none;cron.none /var/log/messages
authpriv.* /var/log/secure
mail.* -/var/log/maillog
cron.* /var/log/cron
uucp,news.crit /var/log/spooler
local7.* /var/log/boot.log
module(load="imfile" PollingInterval="10")
input(type="imfile" File="/usr/local/records/*/*" Tag="CalculationUnit" Severity="info" Facility="local0" freshStartTail="on" deleteStateOnFileDelete="on")
local0.* @@10.1.75.177:10514
来源:oschina
链接:https://my.oschina.net/u/4295062/blog/4291529