Rsyslog collecting logs on secondary interface / ip address.

This is the place for you, if you got rsyslog up and running but wonder how to make it do what you want.

Moderator: rgerhards

Google Ads


Rsyslog collecting logs on secondary interface / ip address.

Postby thejester2112 » Wed Dec 06, 2017 4:05 pm

Hello,

I am trying to have Rsyslog collect logs the system receives on a secondary interface / IP address (ens33:0, 1.1.1.2) to better categorize the data as it come in from various source devices/types.

There were a few similar posts but there isn't any resolutions to them.
https://kb.monitorware.com/post4927.html?hilit=secondary%20ip#p4927
http://kb.monitorware.com/rsyslog-not-l ... 12688.html


System info / Version
OS is a VM running CentOS Linux release 7.3.1611
rsyslogd: version 8.26.0

[user@syslogsrver]$ netstat -nau | egrep 514
udp 0 0 0.0.0.0:514 0.0.0.0:*
udp 0 0 0.0.0.0:514 0.0.0.0:*
udp6 0 0 :::514 :::*
udp6 0 0 :::514 :::*


[user@syslogsrver]$ ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 1.1.1.1 netmask 255.255.255.0 broadcast 1.1.1.255
ether 00:50:56:8f:27:22 txqueuelen 1000 (Ethernet)
RX packets 57715147055 bytes 21087134877163 (19.1 TiB)
RX errors 0 dropped 3563390 overruns 0 frame 0
TX packets 86194582738 bytes 22106267369658 (20.1 TiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

ens33:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 1.1.1.2 netmask 255.255.255.0 broadcast 1.1.1.255
ether 00:50:56:8f:27:22 txqueuelen 1000 (Ethernet)



Config has been attached. When we send syslog to the secondary IP address it does not get written to file. It seems that it just gets lost. Any thoughts?

Thanks!
Attachments
rsyslog.conf-test-secondary-ip.txt
Config File
(6.94 KiB) Downloaded 7 times
thejester2112
New
 
Posts: 8
Joined: Fri Mar 24, 2017 8:38 pm

Urgent Question?

  • Pulling out your Hair?
  • Wasting Time and Money?
  • Deadline Approaching?

Google Ads


Return to Configuration

Who is online

Users browsing this forum: Bing [Bot] and 0 guests

cron