This guide installs rsyslog and configures it to receive remote logs.
sudo apt update
sudo apt install -y rsyslog
Edit the config file:
sudo nano /etc/rsyslog.conf
Uncomment or add these lines:
module(load="imudp")
input(type="imudp" port="514")
module(load="imtcp")
input(type="imtcp" port="514")
sudo systemctl restart rsyslog
Allow 514/udp and 514/tcp on your firewall.
See rsyslog Configuration for configuration guidance.
Any questions?
Feel free to contact us. Find all contact information on our contact page.
Prefer automation? See rsyslog Ansible Setup for an example playbook.
Prefer containers? See rsyslog Docker Setup.
See rsyslog Security for hardening guidance.