• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

How to change the Default Log Directory(/var/log) in Rsyslog for CentOS/RHEL 6,7

by admin

The ask

We want to have the default /var/log/messages file in a different location on a different mount point. Is it possible with rsyslog?

The Solution

The default location of /var/log/messages file can be changed to any location of your choice. Follow the steps outlined below to change the default location to new location (/log_dir).

1. Create the new directory in which the logs needs to be written.

# mkdir /log_dir

This can also be a pre-existing mount point.

2. In the rsyslog configuation file /etc/rsyslog.conf, replace the “/var/log/messages” by the new directory name. For example, replace the /var/log in the below line by the /log_dir:

Before:

*.info;mail.none;authpriv.none;cron.none                /var/log/messages

After:

*.info;mail.none;authpriv.none;cron.none                /log_dir/messages

3. Now restart the rsyslog service.

# service rsyslog restart         ### CentOS/RHEL 6
# systemctl restart rsyslog       ### CentOS/RHEL 7

Changing other log locations

Some of the other common location that you may want to modify are:

# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages

# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  -/var/log/maillog


# Log cron stuff
cron.*                                                  /var/log/cron

# Everybody gets emergency messages
*.emerg                                                 :omusrmsg:*

# Save news errors of level crit and higher in a special file.
uucp,news.crit                                          /var/log/spooler

# Save boot messages also to boot.log
local7.*                                                /var/log/boot.log

The procedure remains the same to change the location in case of above log files as well.

Filed Under: CentOS/RHEL 6, CentOS/RHEL 7, Linux

Some more articles you might also be interested in …

  1. e2undo: command not found
  2. userdel Command Examples in Linux
  3. How to delete unused kernels and keep only the running kernel in CentOS/RHEL
  4. bluetoothd Command Examples in Linux
  5. How To Generate An CentOS/RHEL 6 UEFI Bootable ISO Image
  6. fsck Command Examples in Linux
  7. How to Calculate Memory Usage in Linux using sar, ps, and free
  8. fprintd-verify: command not found
  9. CentOS / RHEL 7 : Configuring static IP adress using network interface configuration files
  10. cpuid: command not found

You May Also Like

Primary Sidebar

Recent Posts

  • aws ec2: CLI for AWS EC2 (Command Examples)
  • aws cur – Create, query, and delete AWS usage report definitions (Command Examples)
  • aws configure – Manage configuration for the AWS CLI (Command Examples)
  • aws cognito-idp: Manage Amazon Cognito user pool and its users and groups using the CLI

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright