This documentation supports the 20.02 (12.0) version of BMC Discovery.To view an earlier version of the product, select the version from the Product version menu.

Redirecting OS level events to a remote server

OS level events from the BMC Discovery appliance can be forwarded to a remote syslog server. 

Note

This procedure only affects the operating system logs, not the BMC Discovery product logs.

You must have a syslog server that is configured to accept logs from remote clients. 

To configure BMC Discovery to send OS logs to a remote server

  1. As the root user, edit the syslog configuration file, /etc/rsyslog.conf adding the following entry at the top. Replace the IP address with that of your syslog server:

    # Send everything to the remote syslog server

    *.* @192.168.1.100

  2. Restart the syslog service on the appliance. Enter:

    [tideway@localhost]$ sudo /usr/bin/systemctl restart rsyslog.service
    [tideway@localhost]$ 

  3. Test that the integration works. Use the logger utility to send a syslog message. For example:

    [tideway@localhost ~]$ logger this is a test of remote logging
    [tideway@localhost ~]$ su -
    Password:
    [root@localhost ~]$ tail -n5 /var/log/messages
    Aug 20 13:38:15 localhost systemd: Created slice User Slice of tideway.
    Aug 20 13:38:15 localhost systemd-logind: New session 369 of user tideway.
    Aug 20 13:38:15 localhost systemd: Started Session 369 of user tideway.
    Aug 20 13:38:18 localhost tideway: this is a test of remote logging
    Aug 20 13:38:33 localhost su: (to root) tideway on pts/1
    [root@localhost ~]$ 

    Then log in to the remote syslog server and check that the same messages appear.


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*