vi /etc/rsyslog.conf

12 # Provides UDP syslog reception 13 $ModLoad imudp.so 14 $UDPServerRun 514 ～

60 #RTX1000 LOG 61 local1.*                                                /var/log/rtx1000.log

vi /etc/logrotate.d/syslog

/var/log/messages /var/log/secure /var/log/maillog /var/log/spooler /var/log/boot.log /var/log/cron  /var/log/rtx1000.log{ sharedscripts postrotate /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true endscript }

iptablesのポート開放

iptables -A INPUT -p udp --dport 514 -j ACCEPT /etc/init.d/iptables save /etc/init.d/iptables restart

RTX1000のsyslog転送の設定

※必要個所抜粋 syslog host 172.16.1.20 syslog facility d