Skip to content
Browse files

server, client konfiguration

  • Loading branch information...
1 parent 536e7bf commit c8c394d92bc5b459c6e9edd818af13bf1716a4d1 @drscream committed Jun 13, 2011
Showing with 68 additions and 11 deletions.
  1. +1 −1 presentation/Makefile
  2. +3 −1 presentation/main.tex
  3. +64 −9 presentation/rsyslog.tex
View
2 presentation/Makefile
@@ -13,4 +13,4 @@ open:
open main.dvi
clean:
- rm -f *.aux *.dvi *.log *.nav *.out *.pdf *.ps *.snm *.toc
+ rm -f *.aux *.dvi *.log *.nav *.out *.pdf *.ps *.snm *.toc *.vrb
View
4 presentation/main.tex
@@ -8,9 +8,11 @@
\usepackage{amssymb}
\usepackage{lmodern}
\usepackage{hyperref}
+\usepackage{verbatim}
% Beamer Settings
\usetheme{Singapore}
+\setcounter{tocdepth}{2}
% Default Presentation Settings
\title{Remote Logging mit rsyslog}
@@ -41,7 +43,7 @@
\framesubtitle{Fragen, Anregungen, Wünsche}
\begin{itemize}
\item Workshop am nächsten Termin der Linux User Group Weingarten
- \item Alle Unterlagen unter \url{https://github.com/drscream/rsyslog-workshop}
+ \item Alle Unterlagen unter \url{https://github.com/drscream/rsyslog-workshop}
\end{itemize}
\bigskip
\bigskip
View
73 presentation/rsyslog.tex
@@ -1,12 +1,25 @@
\section{rsyslog}
\subsection{Überblick}
-\begin{frame}
+\begin{frame}[fragile]
\frametitle{rsyslog}
\framesubtitle{"Uberblick}
\begin{itemize}
\item Alternativer syslog-Daemon
\item Standard bei Debian-basierten Distributionen
\end{itemize}
+ \begin{center}
+ \begin{tiny}
+ \begin{verbatim}
+ 2011-06-13T10:14:50 bayamo rsyslogd: -- MARK --
+ 2011-06-13T10:14:55 bayamo sshd[11015]: Accepted publickey for tm from 172.22.175.51 port 49425 ssh2
+ 2011-06-13T10:14:55 bayamo sshd[11015]: pam_unix(sshd:session): session opened for user tm by (uid=0)
+ 2011-06-13T10:14:56 bayamo sudo: tm : TTY=pts/0 ; PWD=/home/tm ; USER=root ; COMMAND=/bin/su
+ 2011-06-13T10:14:56 bayamo su[11083]: Successful su for root by root
+ 2011-06-13T10:14:56 bayamo su[11083]: + /dev/pts/0 root:root
+ 2011-06-13T10:14:56 bayamo su[11083]: pam_unix(su:session): session opened for user root by tm(uid=0)
+ \end{verbatim}
+ \end{tiny}
+ \end{center}
\end{frame}
\subsection{Vorteile}
@@ -22,25 +35,67 @@ \subsection{Vorteile}
\end{frame}
\subsection{Installation}
-\begin{frame}
+\begin{frame}[fragile]
\frametitle{rsyslog}
\framesubtitle{Installation}
Paketmanager des Systems ist zu empfehlen
-\begin{block}{Blocktitel}
-Blockinhalt
-\end{block}
-
+ \bigskip
+ \begin{block}{Debian, Ubuntu}
+ \begin{verbatim}
+ apt-get install rsyslog
+ \end{verbatim}
+ \end{block}
\end{frame}
\subsection{Konfiguration}
\subsubsection{Konfigurationsdateien}
-\begin{frame}
+\begin{frame}[fragile]
\frametitle{rsyslog}
\framesubtitle{Konfigurationsdateien}
+ \begin{block}{Dateien und Verzeichnisse}
+ \begin{verbatim}
+ /etc/rsyslog.conf
+ /etc/rsyslog.d/*.conf
+ \end{verbatim}
+ \end{block}
+ Sortierung erfolgt durch Nummerierung:
+ \begin{itemize}
+ \item \verb|/etc/rsyslog.d/00-AllowedHosts.conf|
+ \item \verb|/etc/rsyslog.d/10-RemoteLinuxServers.conf|
+ \item \verb|/etc/rsyslog.d/99-Default.conf|
+ \end{itemize}
\end{frame}
\subsubsection{Remote Logging aktivieren}
-\begin{frame}
- \frametitle{rsyslog}
+\begin{frame}[fragile]
+ \frametitle{rsyslog (server)}
+ \framesubtitle{Remote Logging aktivieren}
+ In \verb|/etc/rsyslog.conf|, folgende Zeile einfügen:
+ \begin{verbatim}
+ $ModLoad imudp
+ $UDPServerRun 514
+ \end{verbatim}
+\end{frame}
+\begin{frame}[fragile]
+ \frametitle{rsyslog (Server)}
+ \framesubtitle{Remote Logging aktivieren}
+ Zugriffssteuerung in \verb|/etc/rsyslog.d/00-AllowRemoteLogging.conf|
+ \begin{verbatim}
+ # Ein Host
+ $AllowedSender UDP, 192.168.56.100
+ # Alle Hosts aus einem Subnetz
+ $AllowedSender UDP, 192.168.56.0/24
+ # Jeder von kernel.org
+ $AllowedSender UDP, *.kernel.org
+ \end{verbatim}
+\end{frame}
+
+\begin{frame}[fragile]
+ \frametitle{rsyslog (Linux Client)}
\framesubtitle{Remote Logging aktivieren}
+ Eintrag in \verb|/etc/rsyslog.d/00-RemoteLogging.conf|
+ \begin{verbatim}
+ *.* @192.168.56.1
+ \end{verbatim}
+ Viele syslog-Daemons werden unterstützt
\end{frame}

0 comments on commit c8c394d

Please sign in to comment.
Something went wrong with that request. Please try again.