Seamless Log Forwarding: Configuring Fedora 40 to Send Logs to Nagios Log Server 2024R2

Picture of Ayub Huruse
Ayub Huruse
fedora 40

Effective log management is essential for maintaining a secure and well-monitored IT environment. Fedora 40, like any modern Linux distribution, generates a wealth of system logs that can provide crucial insights into performance, security events, and troubleshooting. Nagios Log Server 2024R2 offers a centralized solution for collecting and analyzing these logs, helping administrators stay ahead of potential issues.

This guide will take you through the step-by-step process of configuring Fedora 40 to forward its logs using rsyslog, ensuring seamless integration with Nagios Log Server for enhanced monitoring and real-time log analysis.

Prerequisites

Before proceeding, ensure you have the following:

  • A running Nagios Log Server 2024R2 instance.
  • A system running Fedora 40
  • Root or sudo privileges on your Fedora machine
  • Network connectivity between Fedora and Nagios Log Server (ensure port 5544 is open)

Step 1: Add a New Log Source in Nagios Log Server

  1. Login to Nagios Log Server:
    • Open your web browser and navigate to your Nagios Log Server instance.
    • Log in using your administrator credentials.
  2. Navigate to Log Source Setup:
    • On the Home page, locate and click the + Linux button in the upper right.
linux circle screenshot 4
+ Linux

3. Alternatively, click + Add Log Source in the navigation bar and select Linux.

Add log source screenshot
+ Add Log Source

Step 2: Configuring the Linux Log Source

1. Download and Run the Setup Script

The Linux Source Setup page provides a code block with a pre-configured command.

If curl is not installed, run:

sudo dnf install -y curl

Then, run the following command (replace <nagios-log-server-address> with your actual server IP or hostname):

curl -sS -O http://<nagios-log-server-address>/nagioslogserver/scripts/setup-linux.sh
sudo bash setup-linux.sh -s <nagios-log-server-address> -p 5544
  • -s specifies the Log Server address
  • -p 5544 is the default port for syslog ingestion

Example output: 

curl -sS -O http://192.168.0.31/nagioslogserver/scripts/setup-linux.sh
sudo bash setup-linux.sh -s 192.168.0.31 -p 5544

2. Verify the Script Execution

You should see an output like:

Detected rsyslog 8.x
Detected rsyslog work directory /var/lib/rsyslog
Destination Log Server: 192.168.0.31:5544
Creating /etc/rsyslog.d/99-nagioslogserver.conf...
SELinux is disabled.
rsyslog configuration check passed.
Restarting rsyslog service with 'service'...
rsyslog is running with the new configuration.

Check the Nagios Log Server dashboard to confirm that logs are being received.

Step 3: Confirming Log Reception

  1. Navigate to the Dashboards section in Nagios Log Server.
  2. In the Search panel, run a query for the new source IP:
host.ip:<Fedora 40 IP>
  1. Send a test log entry from the Linux machine:
logger "This is a test log entry"

If successful, the test entry will appear in the results.

Screenshot 2025 02 13 094117 4
test entry

Step 4: Accessing the Setup Script on the Server

The script is stored on the Nagios Log Server here:

/var/www/html/nagioslogserver/www/scripts/setup-linux.sh

This script can be accessed directly via a browser or edited via SSH for custom changes.

Step 5: Manual Setup (Optional)

If you prefer to configure manually:

  1. Create a configuration file:
sudo nano /etc/rsyslog.conf
  1. Add this line (replace with your Nagios Log Server IP):
# ### begin forwarding rule ### NAGIOSLOGSERVER
$WorkDirectory /var/lib/rsyslog
$ActionQueueFileName fwdRule1
$ActionQueueMaxDiskSpace 1g
$ActionQueueSaveOnShutdown on
$ActionQueueType LinkedList
$ActionResumeRetryCount -1
*.* @@192.168.1.113:5544
# ### end of the forwarding rule ###
  1. Restart rsyslog:
sudo /etc/init.d/rsyslog restart

Video Tutorial

Enhance your understanding with this step-by-step walkthrough:

Step 6: Adding More Log Sources

Use the + Add Log Source button to configure additional sources such as:

  • Windows Event Logs
  • Application Logs
  • Archived Log Files
Screenshot 2025 03 20 110200 2
Add Log Source

Both scripted and manual setup options are available. Manual setup allows for deeper customization by editing config files directly.

Troubleshooting Tips

  1. Check rsyslog Status:
sudo systemctl status rsyslog

Start it if it’s not running:

sudo systemctl start rsyslog
  1. Check Connectivity: Ensure port 5544 is open and reachable.
  2. Check Firewall:
sudo firewall-cmd --zone=public --add-port=5544/tcp --permanent
sudo firewall-cmd --reload
  1. Review Logs:
cat /var/log/messages | grep rsyslog

On Nagios Log Server:

tail -f /var/log/logserver/nagios.log

Conclusion

You’ve successfully configured Fedora 40 to forward logs to Nagios Log Server 2024R2. This setup gives you real-time visibility into system logs, performance events, and security data—essential for proactive system administration.

Explore additional sources and alerting options in Nagios Log Server for an even more powerful monitoring setup.

For additional resources:

Share:
On this page
    Tags
    Related Articles
    Share:

    Products

    Nagios XI

    Nagios CSP

    Nagios Log Server

    Nagios Network Analyzer

    Nagios Fusion

    Projects

    Nagios Core

    Nagios Plugins

    NSClient++

    NDOUTILS

    NCPA

    NRPE

    NRDP

    Resources

    Documentation

    Developer Corner

    Video Tutorials

    Changelog

    Solutions

    Tech Tips

    Training

    Support

    Knowledgebase

    Nagios Forum

    Support Home

    Support Tips

    Get Support

    Customer Portal

    Community

    World Conference

    Bounty Program

    MVP Awards

    Nagios Exchange

    Articles

    Get Involved

    Company

    Story of Nagios

    Nagios Alternatives

    Why Nagios?

    The Nagios Team

    Careers

    Contact Us

    Contact Sales

    Downloads

    Nagios Enterprises, LLC | Website Copyright © 2009 - . All rights reserved.

    Github Facebook-f Youtube Linkedin-in X-twitter