How to Forward Fedora 41 Logs to Nagios Log Server R2

Picture of Johnny Mengistu
Johnny Mengistu
Another Fedora 41

Introduction

Nagios Log Server is a powerful enterprise-grade log monitoring and management solution that enables organizations to collect, analyze, and archive log data from various sources. In this guide, we’ll walk through the process of configuring Fedora 41 to send its system logs to Nagios Log Server R2.

Prerequisites

Before beginning, ensure you have:

  • A running Fedora 41 system
  • Nagios Log Server R2 installed and accessible
  • Administrative privileges on both systems
  • Network connectivity between the Fedora system and Nagios Log Server

Step 1: Install Required Packages on Fedora 41

First, update your system and install the necessary packages:

bash

sudo dnf update -y
sudo dnf install -y rsyslog wget

Step 2: Configure Rsyslog to Forward Logs

2.1. Edit the Rsyslog Configuration File

Open the main rsyslog configuration file:

bash

sudo nano /etc/rsyslog.conf

Add the following lines at the end of the file (replace nagios_log_server_ip with your actual Nagios Log Server IP address):

# Send logs to Nagios Log Server
*.* @@nagios_log_server_ip:5544

This configuration sends all logs (*.*) to the Nagios Log Server on port 5544 using TCP (@@). For UDP, use a single @.

2.2. Enable TCP Syslog Reception (Optional)

If you want to ensure TCP is enabled for sending logs, uncomment these lines in the same file:

$ModLoad imtcp
$InputTCPServerRun 514

2.3. Restart Rsyslog Service

Apply the changes by restarting the rsyslog service:

bash

sudo systemctl restart rsyslog
sudo systemctl enable rsyslog

Step 4: Configure Firewall

Allow outgoing connections to the Nagios Log Server:

bash

sudo firewall-cmd --permanent --add-port=5544/tcp
sudo firewall-cmd --reload

Step 5: Verify Log Forwarding

5.1. On Fedora 41

Check the rsyslog status:

bash

sudo systemctl status rsyslog

View the rsyslog logs for any errors:

bash

sudo tail -f /var/log/messages

5.2. On Nagios Log Server

1. When you log into Log Server 2 you should be automatically re-directed to the home screen. If not you simply click the home button icon shown below:

image 12
Home Button Log Server 2

2. From here you can click the “Add a Log Source” button up above like in the picture below:

image 13
Add a Log Source

3. Your screen should now look like the one below. Go and select the “Linux” option

image 14
Linux Penguin LS2

4. From here follow the directions on the screen then enter your Fedora workstation’s IP address at the very bottom. You should get similar results like the one below saying:

“Verified. There are “some number” logs for the host: “your ip address”

image 15
Verified Incoming Logs

Step 7: Configure Log Filters (Optional)

In the Nagios Log Server web interface, you can create filters and alerts for specific Fedora logs:

  1. Go to “Admin” > “Filters”
  2. Create a new filter for Fedora-specific logs
  3. Set up alerts for critical events if needed

Conclusion

By following these steps, you’ve successfully configured your Fedora 41 system to send logs to Nagios Log Server R2. This integration provides centralized log management, making it easier to monitor, analyze, and respond to system events across your infrastructure. Remember to regularly review your log management strategy to ensure it meets your organization’s security and compliance requirements.

For optimal performance, consider:

  • Setting up log rotation on Fedora to manage log file sizes
  • Creating custom dashboards in Nagios Log Server for Fedora-specific metrics
  • Implementing SSL encryption for log transmission in production environments

Interested in installing Nagios Log Server R2 on Linux click the link below:

https://youtu.be/9SkH3fNmhGg?si=bRfO9G-0Qz—g8M

Additional Resources

Visit Our Website: https://www.nagios.com

Visit Nagios Support: https://support.nagios.com/

Visit Nagios Exchange: https://exchange.nagios.org/

Share: