웹 Access 로그

vi /etc/rsyslog.d/80-httpd-remote.conf

 #variables required for non-syslog log file forwarding – plura weblog
 #edit on your location

 input(type=”imfile”
 File=”/var/log/plura/weblog.log”
 Tag=”httpd”
 Severity=”info”
 Facility=”local7″)

 ###### Creates a template for each log file in the Logentries UI
 ### logic to apply the relevant templates to the different log files

 if $programname == ‘httpd’ then @PLURA_Log_Collector_Server:514 #UDP
 :programname, isequal, “httpd” stop

service rsyslog restart

nc -zu PLURA_Log_Collector_Server 514

 Connection to PLURA_Log_Collector_Server 514 port [udp/syslog] succeeded!

firewall-cmd –add-port 514/udp

firewall-cmd –reload

vi /etc/rsyslog.d/77-plura.conf

 $template CEETemplate, “%msg:2:$:%\n”

 # Provides UDP syslog reception
 $ModLoad imudp
 $UDPServerRun 514

vi /etc/rsyslog.d/99-plura.conf

 $template DynaFile, “/var/log/plura/weblog-%FROMHOST-IP%.log”
 *.* -?DynaFile;CEETemplate

service rsyslog restart

ls -al /var/log/plura/