Hi team,
While trying to add log source linux file and testing it based upon the documentation provided below:
https://assets.nagios.com/downloads/nag ... Server.pdf
we noticed that rsyslog messages are not coming to Nagios Log Server and a warning shows in the terminal as below:
[root@client ~]# curl -sS -O http://ip/nagioslogserver/scripts/setup-linux.sh
[root@client ~]# sudo bash setup-linux.sh -s ip -p 5544
Detected rsyslog 8.24.0
Detected rsyslog work directory /var/lib/rsyslog
Destination Log Server: ip:5544
Creating /etc/rsyslog.d/99-nagioslogserver.conf...
==============================! WARNING !====================================
SELinux is enforcing. This may prevent rsyslog from forwarding messages.
If log messages do not reach Log Server from this host, ensure SELInux is
configured to allow rsyslog forwarding.
=============================================================================
rsyslog configuration check passed.
Restarting rsyslog service with 'service'...
Redirecting to /bin/systemctl restart rsyslog.service
Okay.
rsyslog is running with the new configuration.
Visit your Nagios Log Server dashboard to verify that logs are being received.
Kindly provide your valuable inputs on this.
Thanks in advance.
Unable to receive rsyslog messages due to SELinux Enforcing
-
SuryanuSanyal
- Posts: 22
- Joined: Wed Sep 15, 2021 5:43 am
Re: Unable to receive rsyslog messages due to SELinux Enforc
I apologize, but we don't get into SELinux configurations by policy, you will need to work with your security team to design/implement the SELinux rules if you are going to run the system in SELinux enforcing mode.
Please see here:
https://www.rsyslog.com/doc/master/trou ... linux.html
Here's a good example of the process:
https://osric.com/chris/accidental-deve ... icy-files/
Please see here:
https://www.rsyslog.com/doc/master/trou ... linux.html
Here's a good example of the process:
https://osric.com/chris/accidental-deve ... icy-files/