Syslog Writer on Linux will most likely involve only one machine, as the Syslog server can be a local one. This machine runs both Docker (to run Syslog Writer) and the Syslog server.
The installation commands in this section are specific to CentOS 6.9. If you have another supported OS, the following link takes you to the installation instructions for Docker on your OS:
Make sure that the existing yum packages are updated and that the EPEL repository is enabled:
sudo yum update
sudo yum install -y epel-release
sudo yum install -y docker-io
Start the Docker daemon:
sudo service docker start
Make sure that the Docker service is running:
sudo service docker status
Allow TCP input in the Syslog server configuration.
TCP ensures that no messages are lost even when the load is high, so Syslog Writer uses it for logging events to the Syslog server (local or remote). The steps in this section are specific to setting up rsyslog to receive TCP input.
Note: If you have a different syslog server, you will need to modify the syntax accordingly.
Open the rsyslog configuration file:
sudo vi /etc/rsyslog.conf
Uncomment the following two lines in the rsyslog.conf file (if they are commented out):
Restart the rsyslog server:
sudo service rsyslog restart
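A quick way to confirm that the edit took effect, shown as an added example that is not part of the original instructions. It assumes the two lines are rsyslog's legacy TCP input directives ($ModLoad imtcp and $InputTCPServerRun <port>); the function name and the sample configuration files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not vendor code). Assumption: TCP input is configured with
# rsyslog's legacy directives "$ModLoad imtcp" and "$InputTCPServerRun <port>".

# Print the configured TCP port and return 0 when TCP input is enabled.
# Return 1 (reason on stderr) when a directive is missing or commented out,
# and 2 when the file cannot be read.
rsyslog_tcp_port() {
    conf="$1"
    if [ ! -r "$conf" ]; then
        echo "cannot read $conf" >&2
        return 2
    fi
    # Only optional whitespace may precede the directive; a leading '#' is a comment.
    if ! grep -Eq '^[[:space:]]*\$ModLoad[[:space:]]+imtcp([[:space:]]|$)' "$conf"; then
        echo "imtcp module is not loaded (line missing or commented out)" >&2
        return 1
    fi
    port=$(sed -n -E 's/^[[:space:]]*\$InputTCPServerRun[[:space:]]+([0-9]+).*$/\1/p' "$conf" | head -n 1)
    if [ -z "$port" ]; then
        echo "no active \$InputTCPServerRun listener" >&2
        return 1
    fi
    echo "$port"
}

# Constructed sample configs: both lines commented, both active, only one active.
write_samples() {
    dir="$1"
    printf '%s\n' '# Provides TCP syslog reception' '#$ModLoad imtcp' \
        '#$InputTCPServerRun 514' > "$dir/commented.conf"
    printf '%s\n' '# Provides TCP syslog reception' '$ModLoad imtcp' \
        '$InputTCPServerRun 514' > "$dir/enabled.conf"
    printf '%s\n' '$ModLoad imtcp' '#$InputTCPServerRun 514' > "$dir/half.conf"
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
for f in commented enabled half; do
    if p=$(rsyslog_tcp_port "$demo_dir/$f.conf" 2>/dev/null); then
        echo "$f.conf: TCP input enabled on port $p"
    else
        echo "$f.conf: TCP input NOT enabled"
    fi
done
rm -rf "$demo_dir"
```

To check the real configuration, call rsyslog_tcp_port /etc/rsyslog.conf after editing the file. The port it prints is a network listener, so confirm it is reachable only from the hosts that need to send logs.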
Before starting Syslog Writer, it is helpful to keep another terminal window open to check syslog:
sudo tail -f /var/log/messages
Note: The path for Ubuntu is: /var/log/syslog