The Definitive Guide To Centralized Logging with Syslog on Linux

Hello guys!

Following my article on how to monitor Linux logs using Rsyslog and Kibana, I decided to write a detailed guide about how to setup a complete centralized logging system from A to Z.

I felt like the existing guides on the subject were not giving enough details about the subject, especially when it comes to message forwarding using TLS or message reliability using memory action queues.

​

https://i.redd.it/rm0mdry7ehd31.png

So here it is!

This guide covers :

\- How Linux logging works on a single instance

\- How to design a complete centralized logging architecture

\- Configuring rsyslog to forward logs to your log server

\- How to encrypt rsyslog messages using TLS/SSL

\- How to send messages reliably (even with network shutdown) with memory action queues.

​

Oh and by the way, I finally got this SSL certificate for the blog, after quite a lot of people asked for it on the last post :)

[https://devconnected.com/the-definitive-guide-to-centralized-logging-with-syslog-on-linux/](https://devconnected.com/the-definitive-guide-to-centralized-logging-with-syslog-on-linux/)

https://redd.it/cjvp54
@r_linux

Bentōō (An user-friendly Stage4 of Funtoo Linux)²

Bentōō is an initiative to distribute an user-friendly version of Funtoo linux to new users, with more update packages, focusing on agility, security privacy and games.

the project isrecent and experimental yet, but I made alot of updates, please take a look ;)

website -> [https://bentoo.info/](https://bentoo.info/)

binhost -> [https://binhost.bentoo.info/](https://binhost.bentoo.info/)

overlay -> [https://github.com/lucascouts/bentoo](https://github.com/lucascouts/bentoo)

configs -> [https://github.com/lucascouts/bentoo-cfg](https://github.com/lucascouts/bentoo-cfg)

feedback or criticism are appreciated. :)

https://redd.it/cjvaoh
@r_linux

Linux Mint 19.2 to be released this week
https://blog.linuxmint.com/?p=3784

https://redd.it/cjw70z
@r_linux

Made myself a pocket SSD :D
https://redd.it/cjxev4
@r_linux

A relic from the past, a Linux Kernel loader for Windows 95 from 1997
https://github.com/littlebigend1an/linux95/

https://redd.it/cjxcdl
@r_linux

Blender 2.80 released!!!
https://www.blender.org/

https://redd.it/cjxny9
@r_linux

Inkscape Speed Art: Wallpaper For Linux User
https://youtu.be/iQIjhoaypBQ

https://redd.it/cjxg02
@r_linux

Python 2.7 support ends in 2020 but is the Linux world ready for that?

Barely a few months remain now until the cpython project pulls of the plug from Python 2.7.x development branch. And yet, even in the latest of Ubuntu and Debian distros, I find that the default python (`/usr/bin/python`) points to the 2.7 and not 3.x!

Why does the old version even comes installed at this point? Do any core components in a GNU/Linux system still depend on 2.7?

https://redd.it/cjw70p
@r_linux

Pinebook Pro, VLC Bug Debunked, Fedora CoreOS, SUSE New CEO, Mageia, Arco | This Week in Linux 76
https://www.youtube.com/watch?v=-iNOLfKAWfA&feature=youtu.be

https://redd.it/cjurg9
@r_linux

How I (stupidly) lost my data from the last 8 months

Just thought I would share my experience of how I fucked up, it's possible someone else might have the same train of thought as I did.

I was actually in the process of making backups when this happened. I had the computer with the main source of data syncing a new backup to another computer (about 3% done at the time), while also actively in the process of copying a backup to an external hard drive.

The external hard drive did not have enough space for the new backup, so I decided to delete the previous backup to make space (the penultimate disaster yes, but not the final). As with any file manager when you delete something it gets sent to the trash/recycle bin/rubbish/whatever. After "emptying the trash" I noticed that it was going slower than I anticipated. Knowing that I can speed up the process by stopping and eliciting the tried-and-true `rm -rf X` command, I stopped the deleting process.

With my brain working in autopilot, I right-click inside the "Trash" folder and use the convenient "Open Tilix Here" entry to open a new terminal inside the "Trash folder" so I can `rm` these files faster. However - as I realized some moments later - the "Trash" is not a real folder that exists in storage. Instead, Tilix had dropped me into the main user directory, which contained the principal folder being backed up - which had the same name as the one I was deleting from the external hard drive.

The result clearly being the most recent data deleted. The moment in between the removal finishing and my realizing, I saw the folder (most recent backup) was still on the external drive and deleted it thinking I had missed something.

Luckily I still had an older backup elsewhere from January, so not a total loss...

Learn from my mistake, **if your file manager or terminal allows you to open in a terminal inside the "Trash", don't do it.**

https://redd.it/ck29s3
@r_linux

Weekly Questions and Hardware Thread - July 31, 2019

Welcome to r/linux! If you're new to Linux or trying to get started this thread is for you. Get help here or as always, check out r/linuxquestions or r/linux4noobs

This megathread is for all your question needs. As we don't allow questions on r/linux outside of this megathread, please consider using r/linuxquestions or r/linux4noobs for the best solution to your problem.

Ask your hardware requests here too or try r/linuxhardware!

https://redd.it/ck390h
@r_linux

Penguin Origin

What is the origin of a penguin as the logo for Linux? (I don't use Linux, I simply like penguins.)

https://redd.it/ck0x1j
@r_linux

Well, I finally did it...

Moved to UbuntuMATE after a year with Windows 10 on my main rig.

Yea, I know not every game will work with my OS.

But it beats feeling like I don't own my own computer.

I have used every Windows since 95, and 10 is by far, the worst.

https://redd.it/ck43w0
@r_linux

Linux[ Wallpaper create in Inkscape & Ubuntu 18.04.1
https://redd.it/cjrbxt
@r_linux

Countries crying out for Linux Sysadmins?

I'm a junior Linux enthusiast, trained up sysadmin but it's so hard to get into the industry in the UK. I've worked as an IT Tech, web dev etc. What are the main countries desperately looking for Sysadmins?

https://redd.it/ck6555
@r_linux

Linux server administration tools

What tools are you using to manage linux servers.

I have a scenario where I am given 200 + servers. How would you manage those.

Also, i would like to lockdown ssh,telnet,ftp in all the servers except master which I am using and all the changes to slaves should be done through master.

I prefer open source and dont mind with paid ones too

Thanks 🙏 in advance

https://redd.it/ck6q9z
@r_linux

Valve proposes kernel changes to help gaming performance
https://lkml.org/lkml/2019/7/30/1399

https://redd.it/ck77gm
@r_linux

Chrome now prevents websites from checking private browsing mode
http://www.viralbor.com/2019/07/chrome-now-prevents-websites-from.html

https://redd.it/ck7n86
@r_linux

Drawing 0.4.2 released
https://flathub.org/apps/details/com.github.maoschanz.drawing

https://redd.it/ck7gt0
@r_linux

PGP encrypt file without showing password in plaintext

This is more a question of concept than a way to do it. Here's the scenario, which I believe is fairly common:

I have a bunch of personal text files I want to backup to an online storage. I want to archive these together into archives before I send them and password protect the archive.

One of the straight forward solutions I've found is to use PGP: $pgp -c \[myfile\] will do nicely, and I can do that to tar archives. OK, so far so good. This asks for a password, and I can create a long complicated password. My issue happens when I want to automate this using a cron job.

Say I want to cron this every day at 1am. The scrip will run and ask me to create a password, only thing is I will be deep asleep in my bed. There's probably a way to specify a password in the pgp command itself, but that's dumb: anyone who has access to the noscript will have access to the password in plaintext.

So! this is a pretty basic concept in linux (I think), but I'm missing something. How do you password protect this? Again, the idea is that these files need to be protected before I upload to an online service. What would you guys do?

https://redd.it/ck6naq
@r_linux

How I almost nuked my entire /home directory with 'find'

So... I was using the `find` command to look for some files and directories that I wanted to remove. I entered `find . -iname '*somestring*'` to see what would be removed. Then I started typing `find . -delete -ina` and at this time I stopped and thought to myself "Nah, -delete should go at the end." I thought the logic is "find where, what, do what/action."

I didn't think it mattered, it was just the way I often condition myself to do things right. Because while in Linux you have freedom to do a thing in one of 6783 ways, most ways are wrong, for what you are trying to achieve. It may work but it may be the wrong approach for your specific situation. Or it works, but only for 95% of scenarios... and one day, you'll hit that 5%. And I think that if you do things wrong out of laziness and just tell yourself "I know this is wrong, but I'm just lazy now because it doesn't matter" then this will leak in other tasks, where it WILL matter.

So I finally enter `find . -iname '*somestring*' -delete`

I later find out that `find . -delete -iname '*somestring*'` will delete everything in your current directory (subdirectories included) because find interprets parameters in their order. Which means it's "find everything in ., delete what you find, then find files/dirs with this -iname."

Maybe this is old news for some, or uninteresting for others. Hopefully, it helps some people avoid this potential mistake in the future. I'm also curious how there's no idiot proof mechanism for this, at least "Are you sure you want to delete everything fool?" Type "yes, I am deleting everything with find, instead of rm -r, for no reason." Maybe there are some scenarios where this is useful? But I couldn't think of anything yet.

https://redd.it/ckabln
@r_linux