Setup Syslog Server on Ubuntu or CentOS for Centralized Logs Management

Checking logs is an important activity to see what’s happening on your Linux servers, especially when you are trying to locate an issue. It’s easy when you are just managing 2 or 3 servers, but what do you do when you are handling 50 or 100 servers? That’s when centralized log management comes into the picture. We can sync all the Linux server logs (auth logs, cron logs, syslogs, etc.) to a single Linux server so that we have access to all server logs, whether 1 or 100, on a single server. When we are required to check logs, we just log in to a single server & have access to logs from all servers. This is also useful when you don’t plan to give access to servers to all individuals, but just want to give access to a centralized logs server and that single machine.