一、rsyslog+H3C

安装rsyslog服务器

关闭防火墙

systemctl stop firewalld && systemctl disable firewalld

关闭selinux

sed -i 's/enforcing/disabled/' /etc/selinux/config && setenforce 0

centos7服务器，通过yum安装rsyslog

yum -y install rsyslog    

建立日志存放路径

mkdir -p /data/h3c/log         

建立日志文件

touch /data/h3c/log/switch_log      

修改rsyslog配置文件

vi /etc/rsyslog.conf   

#去掉注释
$ModLoad imudp 
$UDPServerRun 514                    #允许客户端通过udp:514 端口连接
$IncludeConfig /etc/rsyslog.d/*.conf
*.info;mail.none;authpriv.none;cron.none                /var/log/messages
authpriv.*                                              /var/log/secure
mail.*                                                  -/var/log/maillog
cron.*                                                  /var/log/cron
*.emerg                                                 *
uucp,news.crit                                          /var/log/spooler
local7.*                                                /var/log/boot.log

#添加以下内容
SYSLOGD_OPTIONS="-c 2 -r -x -m 180"
KLOGD_OPTIONS="-x"
local7.info /data/h3c/log/switch_log

交换机配置

info-center loghost 172.16.0.10，这边IP需要配日志服务器的IP

system-view
info-center loghost 172.16.0.10
info-center enable 
save force

测试日志接收情况

 tail -f /data/log/h3c/switch_log