/etc/rsyslog.d/logclient.conf
# UDP *.* @123.123.123.123:514
Создадим директорию для логов
# mkdir -p /var/log/remote/ # chmod 700 /var/log/remote/
/etc/rsyslog.d/logserver.conf
# log settings for host # loading UDP listener module $ModLoad imudp # bind listener to specified IP $UDPServerAddress 123.123.123.123 # allow remote client $AllowedSender UDP, 321.321.321.321 # template for all remote clients $template RemoteHost,"/var/log/remote/%HOSTNAME%.log" # ruleset for remote clients $RuleSet remote *.* ?RemoteHost # applying remote ruleset to UDP listener $InputUDPServerBindRuleset remote # run listener $UDPServerRun 514