Topics on this page
Configure Red Hat Enterprise Linux to receive event logs
Set up a Syslog on Red Hat Enterprise Linux 6 or 7
The following steps describe how to configure rsyslog on Red Hat Enterprise Linux 6 or 7 to receive logs from Workload Security.
- Log in as root.
- Execute:
vi /etc/rsyslog.conf
-
Uncomment the following lines near the top of the
rsyslog.conf
to change them from:
#$ModLoad imudp
to
#$UDPServerRun 514#$ModLoad imtcp
#$InputTCPServerRun 514
$ModLoad imudp
$UDPServerRun 514$ModLoad imtcp
$InputTCPServerRun 514 -
Add the following two lines of text to the end of the
rsyslog.conf
:#Save <madcap:variable name="General.ProductName">Manager logs to DSM.log</madcap:variable>
Local4.\* /var/log/DSM.log
You may need to replace
Local4
with another value, depending on your Workload Security settings.
- Save the file and exit.
- Create the
/var/log/DSM.log
file by typingtouch /var/log/DSM.log
. - Set the permissions on the DSM log so that syslog can write to it.
- Save the file and exit.
- Restart syslog:
- On Red Hat Enterprise Linux 6:
service rsyslog restart
- On Red Hat Enterprise Linux 7:
systemctl restart rsyslog
- On Red Hat Enterprise Linux 6:
When Syslog is functioning you will see logs populated in: /var/log/DSM.log
Set up a Syslog on Red Hat Enterprise Linux 5
The following steps describe how to configure Syslog on Red Hat Enterprise Linux to receive logs from Workload Security.
- Log in as root.
- Execute:
vi /etc/syslog.conf
- Add the following two lines of text to the end of the
syslog.conf
:#Save <madcap:variable name="General.ProductName">Manager logs to DSM.log</madcap:variable>
Local4.\* /var/log/DSM.log
You may need to replace
Local4
with another value, depending on your Workload Security settings.
- Save the file and exit.
- Create the
/var/log/DSM.log
file by typingtouch /var/log/DSM.log
. - Set the permissions on the DSM log so that syslog can write to it.
- Execute:
vi /etc/sysconfig/syslog
- Modify the line "
SYSLOGD_OPTIONS
" and add a "-r
" to the options. - Save the file and exit.
- Restart syslog:
/etc/init.d/syslog restart
When Syslog is functioning you will see logs populated in: /var/log/DSM.log