One of the problems I encountered in my job is to get syslog (udp/514) logs from a server that support only one syslog destination and resend these logs to two or more servers (log archiving, security appliance etc).

To do this I used rsyslog and Ubuntu Server (14.04 LTS) acting like a syslog relay.
In this scenario the remote appliance sends the log to the Ubuntu Server (listening on port udp/514) and the server store&forward the logs to one or more server/device.  Continue reading “Rsyslog – Store and Forward messages to other hosts” →