In this lab, you will
reconfigure rsyslog to write specific messages to a new log file.
Outcomes:
The rsyslog service
writes all messages with priority debug to the /var/log/messages-debug log file
for temporay troubleshooting purposes.
1. Configure rsyslog
on ServerX to log all messages with severity debug in the newly created log
file /var/log/messages-debug by adding the rsyslog configuraiton
file /etc/rsyslog.d/debug.conf. Verify that a generated debug log
message with the logger command arrives in the /var/log/messages-debug
log file.
Change the rsyslog
configuration to log all messages with severity debug to /var/log/messages-debug
on serverX by adding the /etc/rsyslog.d/debug.conf file.
[root@server1 rsyslog.d]# ls -lrt
total 12
-rw-r--r--. 1 root root
291 Jan 27 2014
spice-vdagentd.conf
-rw-r--r--. 1 root root 2564 Feb
4 2014 gluster.conf.example
-rw-r--r--. 1 root root
49 Apr 2 2014 listen.conf
|
[root@server1 rsyslog.d]# echo "*.debug
/var/log/messages-debug" > /etc/rsyslog.d/debug.conf
|
[root@server1 rsyslog.d]# ls -l
total 16
-rw-r--r--. 1 root root
32 Dec 23 08:03 debug.conf
-rw-r--r--. 1 root root 2564 Feb
4 2014 gluster.conf.example
-rw-r--r--. 1 root root
49 Apr 2 2014 listen.conf
-rw-r--r--. 1 root root
291 Jan 27 2014
spice-vdagentd.conf
|
Restart the rsyslog service
on Server X.
[root@server1 rsyslog.d]# systemctl restart rsyslog
[root@server1 rsyslog.d]# systemctl status rsyslog
rsyslog.service - System Logging Service
Loaded: loaded
(/usr/lib/systemd/system/rsyslog.service; enabled)
Active: active (running)
since Wed 2015-12-23 08:04:07 CET; 7s ago
Main PID: 6399 (rsyslogd)
CGroup:
/system.slice/rsyslog.service
+-6399
/usr/sbin/rsyslogd -n
Dec 23 08:04:07 server1.example.com systemd[1]: Starting System
Logging Service...
Dec 23 08:04:07 server1.example.com systemd[1]: Started System Logging
Service.
|
Generate a debug log message
with the logger command and verify that the message get logged to the
log file /var/log/messages-debug with the tail command on
ServerX.
Monitor the /var/log/messages-debug
with the tail command on ServerX.
[root@server1 rsyslog.d]# tail -f /var/log/messages-debug
Dec 23 08:05:01 server1 systemd[1]: Created slice user-0.slice.
Dec 23 08:05:01 server1 systemd: Created slice user-0.slice.
Dec 23 08:05:01 server1 systemd[1]: Starting Session 48 of user
root.
Dec 23 08:05:01 server1 systemd[1]: Started Session 48 of user
root.
Dec 23 08:05:01 server1 systemd: Starting Session 48 of user
root.
Dec 23 08:05:01 server1 systemd: Started Session 48 of user root.
Dec 23 08:05:01 server1 CROND[6415]: (root) CMD (/usr/lib64/sa/sa1
1 1)
Dec 23 08:05:01 server1 CROND[6415]: (root) CMD
(/usr/lib64/sa/sa1 1 1)
Dec 23 08:05:01 server1 sssd[be[default]]: Could not start TLS
encryption. TLS error -8172:Peer's certificate issuer has been marked as not
trusted by the user.
Dec 23 08:05:01 server1 sssd[be[default]]: Could not start TLS
encryption. TLS error -8172:Peer's certificate issuer has been marked as not
trusted by the user.
|
On a Seprate terminal window,
use the logger command to generate a debug message on ServerX.
[root@server1 ~]# logger -p user.debug "Debug Message
Test"
|
Switch back to the terminal
still running the tail -f /var/log/messages-debug command and verify the
message sent with the logger command shows up.
[root@server1 rsyslog.d]# tail -f /var/log/messages-debug
....
Dec 23 08:11:24 server1 lisa: Debug Message Test
Dec 23 08:11:24 server1 lisa: Debug Message Test
|
Thank you for reading.
No comments:
Post a Comment