Setting up the Environment for Linux

Running Syslog Writer on Linux will most likely involve only one machine, because the Syslog server can be a local one. That machine has Docker, which runs Syslog Writer, and the Syslog server.

Setting up Docker on Linux

The installation commands in this section are specific to CentOS 6.9. If you have another supported OS, the following link takes you to the installation instructions for Docker on your OS:

https://docs.docker.com/engine/installation/

  1. Make sure that the existing yum packages are updated and that the EPEL repository is enabled:

    sudo yum update
    sudo yum install -y epel-release
  2. Install Docker:

    sudo yum install -y docker-io
  3. Start the Docker daemon:

    sudo service docker start
  4. Make sure that the Docker service is running:

    sudo service docker status

Setting up Syslog Server on Local Host Machine

  1. Allow TCP input in the Syslog server configuration.

    TCP ensures that no messages are lost even when the load is high, so Syslog Writer uses it for logging events to the Syslog server (local or remote). The steps in this section are specific to setting up rsyslog to receive TCP input.

    Note:   If you have a different syslog server, you will need to modify the syntax accordingly.

    1. Open the rsyslog configuration file:

      sudo vi /etc/rsyslog.conf

    2. Uncomment the following two lines in the rsyslog.conf file (if they are commented out):

      $ModLoad imtcp

      $InputTCPServerRun 514

    3. Restart the rsyslog server:

      sudo service rsyslog restart

  2. Monitor syslog.

    Before starting Syslog Writer, it is helpful to keep another terminal window open to check syslog:

    sudo tail -f /var/log/messages

Note:   The path for Ubuntu is: /var/log/syslog
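
The following check confirms that the two rsyslog directives from the TCP input step are active before Syslog Writer is started. It is an added example, not part of the original instructions: the function name `imtcp_port` and the sample configurations are constructed for illustration, and it goes beyond the page by also recognizing the newer `module(load="imtcp")` / `input(type="imtcp" port="...")` syntax, with `type` written before `port`.

```shell
#!/bin/sh
# Added example (not from the original page): check whether an rsyslog
# config has TCP input active after the edit described above.
#
# imtcp_port FILE
#   prints the listener port and returns 0 when imtcp is loaded and listening
#   returns 1 when the imtcp module line is missing or still commented out
#   returns 2 when the module is loaded but no TCP listener is configured
imtcp_port() {
    conf=$1
    # Module load: legacy "$ModLoad imtcp" or RainerScript module(load="imtcp").
    grep -Eq '^[[:space:]]*(\$ModLoad[[:space:]]+imtcp|module\(.*load="imtcp")' "$conf" || return 1
    # Listener: legacy "$InputTCPServerRun <port>" ...
    port=$(sed -n -E 's/^[[:space:]]*\$InputTCPServerRun[[:space:]]+([0-9]+).*/\1/p' "$conf" | head -n 1)
    # ... or RainerScript input(type="imtcp" port="<port>").
    if [ -z "$port" ]; then
        port=$(sed -n -E 's/^[[:space:]]*input\(.*type="imtcp".*port="([0-9]+)".*/\1/p' "$conf" | head -n 1)
    fi
    [ -n "$port" ] || return 2
    printf '%s\n' "$port"
}

# Constructed sample: the stock state, with both directives commented out.
sample_commented() {
cat <<'EOF'
#$ModLoad imtcp
#$InputTCPServerRun 514
*.info;mail.none /var/log/messages
EOF
}

# Constructed sample: the state after the two lines have been uncommented.
sample_enabled() {
cat <<'EOF'
$ModLoad imtcp
$InputTCPServerRun 514
*.info;mail.none /var/log/messages
EOF
}

tmp=$(mktemp)
sample_commented > "$tmp"
imtcp_port "$tmp" >/dev/null || echo "commented config: TCP input not enabled (status $?)"
sample_enabled > "$tmp"
echo "enabled config: listening on TCP port $(imtcp_port "$tmp")"
rm -f "$tmp"
```

On a real host, pass `/etc/rsyslog.conf` to `imtcp_port` after restarting rsyslog; a non-zero status means the edit did not take effect in the file.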