Hello again, I just installed my new log server and I am configuring to save ALL logs on the log server.

On the client side I have rsyslog configured this way:

$ cat /etc/rsyslog.conf

$ModLoad imuxsock

$ModLoad imklog

$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

$RepeatedMsgReduction on

$KLogPath /proc/kmsg

$WorkDirectory /rsyslog/work

$ActionQueueType LinkedList

$ActionQueueFileName srvrfwd1

$ActionResumeRetryCount -1

$ActionQueueSaveOnShutdown on

*.*       @@logserver

On the server side I have syslog-ng:

source logs_externs{

        tcp();

};

destination rdf_all {

file("/var/log/extern/${HOST}/${YEAR}/${MONTH}/");

};

log {

        source(logs_externs);

        destination(rdf_all);

};

I want to get all the logs on the log servers and then archive each month.

This way it doesn’t work, how I must configure it?

Thanks for all your help.

Kind regards.