Table of Contents
Configuring Debian 12 Logs with Nagios Log Server
- Updated on
In this article, we will walk through the process of configuring log collection on a Debian 12 system using Nagios Log Server. Nagios Log Server provides centralized log management, helping system administrators monitor, analyze, and store logs in a centralized repository. By the end of this guide, you will have configured your Debian 12 system to forward logs to Nagios Log Server for easy monitoring. After configuration you should immediately start receiving the logs that you would normally view in the /var/log/messages file on the Linux system you configured.
Prerequisites
Before beginning the setup process, ensure that you meet the following requirements:
- A running Debian 12 system
- Root or sudo privileges on the Debian 12 system
- A Nagios Log Server instance (you can use Nagios Log Server in your own infrastructure or use Nagios XI or a hosted version)
- Basic knowledge of Linux and command-line operations
- Make sure you have a bridged connection before starting up your Debian workstation
Automatic Script – Supported Operating Systems
- CentOS, Fedora, and RHEL
- Ubuntu and Debian
You must have rsyslog installed. If your operating system is not listed, you can manually configure syslog or rsyslog by going to the “Home” tab (after logging into Log Server) then select “+ Linux” under “Add a log source to start collecting logs“ and select whichever manual configuration setup option you prefer.
Step 1: Install Required Dependencies on Debian 12
First, you will need to install rsyslog, which is the default logging service for Debian, and configure it to send logs to the Nagios Log Server.
- Update the System
Make sure your Debian 12 system is up-to-date by running:
bash
sudo apt update- Install rsyslog
If rsyslog is not already installed, install it using the following command:
sudo apt install rsyslogStep 2: Run the Script
On the system you want to send logs from, run the following commands to download and run the script to automatically setup rsyslog.
curl -sS -O http://"your Nagios Log Server ip address"/nagioslogserver/scripts/setup-linux.shThen run
sudo bash setup-linux.sh -s "your Nagios Log Server ip address" -p 5544Afterwards you should see a message in your terminal that looks like this:
“rsyslog is running with the new configuration. Visit your Nagios Log Server dashboard to verify that logs are being received”
Step 3: Get IP address and verify incoming logs
To get your IP address go into the terminal and type:
ip aThen take that address and past it into the IP Address field under “Verify Incoming Logs“. You should then see however many logs come through similar to the image below.
After you have verified go to the “Dashboards” tab at the top to see various syslog data coming from your Debian 12 machine. You can even zoom in further to a certain time frame to see more syslog data like shown here:
To watch a video on how to do this click here and follow us on YouTube to stay up to date on new releases and features.
Documentation: Monitoring a New Log Source: https://assets.nagios.com/downloads/n…
Learn More: Download Nagios Log Server: https://www.nagios.com/products/nagio…
Visit Our Website: https://www.nagios.com
Visit Nagios Support: https://support.nagios.com/
Visit Nagios Exchange: https://exchange.nagios.org/