vendredi, février 11, 2011

How to enable receiving UDP syslog message on Ubuntu

After loosing lot's of my precious time, here is how to enable receiving remote syslog message on a Ubuntu server 10.04 LTS:

  1. Create a new file in /etc/rsyslog.d/ and call it udp_server as example:
    • vim /etc/rsyslog.d/udp_server
  2. Add these 2 lines:
    • $ModLoad imudp
    • $UDPServerRun 514
  3. Restart rsyslog: sudo service rsyslog restart
  4. Check that it's working:
    • echo "FreeBSD rocks!" | nc -w0 -u 127.0.0.1 514
    • sudo tail /var/log/messages

Don't modify the file /etc/rsyslog.conf, it's not used at all !