OS: RHEL 6
Protocol: tcp or/and udp
Default port: 514
By default RHEL 6 use rsyslog.
System A (server), IP 10.10.10.1
Uncomment lines in /etc/rsyslog.conf to provide logging via TCP or/and UDP:
# Provides UDP syslog reception
$ModLoad imudp.so
$UDPServerRun 514
# Provides TCP syslog reception
$ModLoad imtcp.so
$InputTCPServerRun 514
Restart service:
service rsyslog restart
Remote logs by default will be in /var/log/messages
Open firewall if needed for port 514.
System B (client), IP 10.10.10.4
Add strings to /etc/rsyslog.conf to send logs:
# via TCP
*.* @@10.10.10.1:514
# via UDP
*.* @10.10.10.1:514
Restart service:
service rsyslog restart