Centos – How to redirect third party logs to log server in Centos

centosrsyslogsyslog-ng

I want to setup a simple log server to accept logs from all clients. I am not talking about standard system logs such as /var/log/mail , message, boot etc. I want to redirect or send application logs and they may not be using syslog daemon at all to log their message.

Such as /appdir/log/error.log.

I ran across many posts on the internet; most suggest using rsyslog or syslog-ng. Well so far I have been able to redirect the standard system logs not the application logs. I am using centos 5/6 environment.

Best Answer

There are two main approaches to this I've seen.

Firstly many applications will have the ability to write to a syslog host natively. This is the best route to go. In other cases I'll use a basic script - something like shown below works. 

sudo tail /my/app/log | nc -w0 -u 192.168.1.1 514

EDIT - there is indeed a way to handle this within syslog-ng if you are running it on the system generating the logs. Substitute the naming convention and destination as desired. Something similiar is also available for rsyslog but it's clunkier (imho). 

source s_trbdk3 {
   file("/var/log/trbdk3.log" flags(no-parse) program_override("trbdk3")  );
};
log{
    source(s_trbdk3);
    destination( d_mesg );
 };
Related Topic