Set up a Syslog on Red Hat Enterprise Linux 8 Parent topic

The following steps describe how to configure rsyslog on Red Hat Enterprise Linux 8 to receive logs from Workload Security.

Procedure

  1. Log in as root.
  2. Execute the following:
    vi /etc/rsyslog.conf
  3. Uncomment the following lines near the top of the rsyslog.conf to change them from:
    #module(load="imudp")
#input(type="imudp" port="514")

#module(load="imtcp")
#input(type="imtcp" port="514")
    to
    module(load="imudp")
input(type="imudp" port="514")

module(load="imtcp")
input(type="imtcp" port="514")
  4. Add the following two lines of text to the end of the rsyslog.conf:
    • #Save Manager logs to DSM.log
    • Local4.* /var/log/DSM.log
    You may need to replace Local4 with another value, depending on your Workload Security settings.
  5. Save the file and exit.
  6. Create the /var/log/DSM.log file by typing touch /var/log/DSM.log.
  7. Set the permissions on the DSM log so that syslog can write to it.
  8. Save the file and exit.
  9. Restart syslog: systemctl restart rsyslog

Set up a Syslog on Red Hat Enterprise Linux 6 or 7 Parent topic

The following steps describe how to configure rsyslog on Red Hat Enterprise Linux 6 or 7 to receive logs from Workload Security.

Procedure

  1. Log in as root.
  2. Execute the following:
    vi /etc/rsyslog.conf
  3. Uncomment the following lines near the top of the rsyslog.conf to change them from:
    #$ModLoad imudp
#$UDPServerRun 514

#$ModLoad imtcp
#$InputTCPServerRun 514
    to
    $ModLoad imudp
$UDPServerRun 514

$ModLoad imtcp
$InputTCPServerRun 514
  4. Add the following two lines of text to the end of the rsyslog.conf:
    • #Save Manager logs to DSM.log
    • Local4.* /var/log/DSM.log
    You may need to replace Local4 with another value, depending on your Workload Security settings.
  5. Save the file and exit.
  6. Create the /var/log/DSM.log file by typing touch /var/log/DSM.log.
  7. Set the permissions on the DSM log so that syslog can write to it.
  8. Save the file and exit.
  9. Restart syslog:
    • On Red Hat Enterprise Linux 6: service rsyslog restart
    • On Red Hat Enterprise Linux 7: systemctl restart rsyslog
When Syslog is functioning, you will see logs populated in /var/log/DSM.log

Set up a Syslog on Red Hat Enterprise Linux 5 Parent topic

The following steps describe how to configure Syslog on Red Hat Enterprise Linux to receive logs from Workload Security.

Procedure

  1. Log in as root.
  2. Execute the following:
    vi /etc/syslog.conf
  3. Add the following two lines of text to the end of the syslog.conf:
    • #Save Manager logs to DSM.log
    • Local4.* /var/log/DSM.log
    You may need to replace Local4 with another value, depending on your Workload Security settings.
  4. Save the file and exit.
  5. Create the /var/log/DSM.log file by typing touch /var/log/DSM.log.
  6. Set the permissions on the DSM log so that syslog can write to it.
  7. Execute: vi /etc/sysconfig/syslog
  8. Modify the line " SYSLOGD_OPTIONS " and add a " -r " to the options.
  9. Save the file and exit.
  10. Restart syslog: /etc/init.d/syslog restart
When Syslog is functioning, you will see logs populated in /var/log/DSM.log