Red Hat Summit24.5. Setting Up a Host Logging Server
Hosts generate and update log files, recording their actions and problems. Collecting these log files centrally simplifies debugging.
This procedure should be used on your centralized log server. You could use a separate logging server, or use this procedure to enable host logging on the Red Hat Virtualization Manager.
Setting up a Host Logging Server
Check to see if the firewall allows traffic on the
UDP 514port, and is open tosyslogservice traffic:firewall-cmd --query-service=syslog
# firewall-cmd --query-service=syslogCopy to Clipboard Copied! Toggle word wrap Toggle overflow If the output is
no, allow traffic on theUDP 514port with:firewall-cmd --add-service=syslog --permanent firewall-cmd --reload
# firewall-cmd --add-service=syslog --permanent # firewall-cmd --reloadCopy to Clipboard Copied! Toggle word wrap Toggle overflow Create a new
.conffile on the syslog server, for example,/etc/rsyslog.d/from_remote.conf, and add the following lines:template(name="DynFile" type="string" string="/var/log/%HOSTNAME%/%PROGRAMNAME%.log") RuleSet(name="RemoteMachine"){ action(type="omfile" dynaFile="DynFile") } Module(load="imudp") Input(type="imudp" port="514" ruleset="RemoteMachine")template(name="DynFile" type="string" string="/var/log/%HOSTNAME%/%PROGRAMNAME%.log") RuleSet(name="RemoteMachine"){ action(type="omfile" dynaFile="DynFile") } Module(load="imudp") Input(type="imudp" port="514" ruleset="RemoteMachine")Copy to Clipboard Copied! Toggle word wrap Toggle overflow Restart the
rsyslogservice:systemctl restart rsyslog.service
# systemctl restart rsyslog.serviceCopy to Clipboard Copied! Toggle word wrap Toggle overflow Log in to the hypervisor, and in the
/etc/rsyslog.confadd the following line:*.info;mail.none;authpriv.none;cron.none @<syslog-FQDN>:514
*.info;mail.none;authpriv.none;cron.none @<syslog-FQDN>:514Copy to Clipboard Copied! Toggle word wrap Toggle overflow Restart the rsyslog service on the hypervisor.
systemctl restart rsyslog.service
# systemctl restart rsyslog.serviceCopy to Clipboard Copied! Toggle word wrap Toggle overflow
Your centralized log server is now configured to receive and store the messages and secure logs from your virtualization hosts.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}