但是,当我添加Cisco ASA防火墙时,它会记录其消息!
rsyslog.conf如下:
# rsyslog v5 configuration file# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.HTML# If you experIEnce problems,see http://www.rsyslog.com/doc/troubleshoot.HTML### MODulES ####$ModLoad imuxsock # provIDes support for local system logging (e.g. via logger command)$ModLoad imklog # provIDes kernel logging support (prevIoUsly done by rklogd)# ProvIDes UDP syslog reception$ModLoad imudp$UDPServerRun 514#### GLOBAL DIRECTIVES ##### Use default timestamp format$ActionfileDefaultTemplate RSYSLOG_TraditionalfileFormat# Include all config files in /etc/rsyslog.d/$IncludeConfig /etc/rsyslog.d/*.conf# Log all kernel messages to the console.# Logging much else clutters up the screen.#kern.* /dev/console# Log anything (except mail) of level info or higher.# Don't log private authentication messages!*.info;mail.none;authpriv.none;cron.none /var/log/messages# The authpriv file has restricted access.authpriv.* /var/log/secure# Log all the mail messages in one place.mail.* -/var/log/maillog# Log cron stuffcron.* /var/log/cron# Everybody gets emergency messages*.emerg *# Save news errors of level crit and higher in a special file.uucp,news.crit /var/log/spooler# Save boot messages also to boot.loglocal7.* /var/log/boot.log
配置文件如下:
##RSYSLOG configuration file for Remote Logs$fileCreateMode 0640 $template PerHostLog,"/var/log/remote/%HOSTname%.log"if ($fromhost-ip startswith '10.1.5' or $fromhost-ip startswith '10.2.8') then -?PerHostLog& ~
这些规则有什么问题吗?
TCPdump显示来自10.2.8.1主机的消息到达服务器,但syslog选择忽略它们.为什么??
以上是内存溢出为你收集整理的linux – rsyslog不会将远程消息写入特定主机的日志文件全部内容,希望文章能够帮你解决linux – rsyslog不会将远程消息写入特定主机的日志文件所遇到的程序开发问题。
如果觉得内存溢出网站内容还不错,欢迎将内存溢出网站推荐给程序员好友。
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)