Showing results for 
Search instead for 
Did you mean: 

Information on setting up rsyslog on Red Hat 7

Level 1
Level 1

Hello all,


I hope this is the right community to place this. I am working on building a new server for use as our corporate syslog / ftp server as the exiting one is about to die. The old server is a red hat 5 where the new server is red hat 7. Old server has been rock solid and working great other than running out of space and hardware trying to fail.


Our server group built the new server and I have started the process of getting rysylog up and running. I had no issue with the install and started the configuration by trying to use the existing rsyslog.conf file from the old system so everything would be in the same locations and formats all our other process have been created around. I have no error messages when starting the service but I get no file created and nothing appears to be logged. I cannot figure out if this is an issue with the different versions, if there needs to be a different format for the .conf file, a permissions thing or what. I have been going through just about everything I can find in google to see what the issue is. I am not a linux person by any means but can usually stumble around and figure things out. I figure it should not be this hard but running out o ideas. That is why I am posting here. Anyone can help or point me in the direction of assistance in getting this up and running would be grateful. I have attached the .conf file I pulled from the existing server as my base starting point. Thanks in advance for the assistance..



6 Replies 6

Seb Rupik
VIP Alumni
VIP Alumni

Hi there,

Have you configured firewalld/ iptables to permit inbound traffic, default UDP/514 ?




I have not. I do know the firewall application was uninstalled. Guess need to go look at iptables now.

What is the output of:

iptables -t filter --list

 ...and also:

netstat -tnlp | grep rsyslog



iptables -xnvL  give you iptables rules.

if any rules running, if this is not production box

try iptables -F and see if you have any logs ?





***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Joe Clarke
Cisco Employee
Cisco Employee

The file specifications here are all missing '/' to separate directories.  In fact, it looks like all '/' characters are missing from this file.  Attached is my attempt to restore them.  Really, you should look at a backup to get the unmolested version of this file.

Maybe something did not come over in the copy and paste as they are there. I have copied the .conf off the existing server and replaced it on the new one as well as reinstalled the firewall manager tool. We verified the appropriate ports and services for rsyslog are enabled and reloaded the server. Once it came back online everything started working.