自动化运维之日志系统Logstash实践Rsyslog(四)

6.1Logstach收集rsyslog日志

1.修改rsyslog.conf配置文件

 

1. [root@linux-node3 elasticsearch]#vim /etc/rsyslog.conf
2. *.* @@192.168.90.203:514
3. [root@linux-node3 elasticsearch]# systemctl restart rsyslog

2.编写收集rsyslog日志，写入至node4的Redis(Redis配置请自行谷歌,这里不在介绍)

 

1. [root@linux-node3 conf.d]# cat rsyslog.conf
2. input {
3. syslog {
4. type => "system_rsyslog"
5. host => "192.168.90.203"
6. port => "514"
7. }
8. }
11. output {
12. redis {
13. host => "192.168.90.204"
14. port=> "6379"
15. db => "6"
16. data_type => "list"
17. key => "system_rsyslog"
18. }
19. }