How to Setup Central Logging Server with Rsyslog in Linux

Best Affordable Linux and WordPress Services For Your Business
Outsource Your Linux and WordPress Project and Get it Promptly Completed Remotely and Delivered Online.

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Aaron Kili

Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

10 Responses

  1. Randeep Singh says:

    Does rsyslog configuration support failover? for example does it work on primary secondary model?

    If yes how I can defined in .conf file.

  2. DHARANI BABU says:

    Hi Team,

    I need to send non-standard logs to remote server via rsyslog. can you please share me steps ,

    For Example, if i need to send a /var/opt/httpd/httpd.logs to my remote host via rsyslog . Please share me steps to my email ID ?

  3. linuxman1 says:

    Thanks, worked on Centos 7 servers very well.

  4. PC says:

    This works for remote logs coming in. However, this seems to prevent the local logs on the rsyslog server from being stored. How would you modify this so that the local logs for the rsyslog server itself are stored in the same directory structure as all the other logs from remote servers?

  5. Sitha says:

    What are the different between rsyslog on Centos7 and Ubuntu? I really hard to identify it.

  6. Sebastien says:


    Thank you for this article.

    A little modification in lines of forward configurations, you have a space character between characters . and *:

    *. *  @@ => *.*  @@
    auth. *  @@ => auth.*  @@


  7. Robert Meyer says:

    Why did you choose to ignore the whole block of information above your single line forwarding rule? This client rule will hang if the syslog server isn’t answering.

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.