Friday, January 10, 2014

How to install syslog-ng


On both the client and server machines:

Download Ubuntu

Run these commands:

Update the Linux operating system's package lists and install syslog-ng:



sudo apt-get update

sudo apt-get install syslog-ng

Disable the firewall:

sudo ufw disable


Check the internet connection:

ping google.com




Check that you can reach the server:

ping 192.168.133.130


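Make the syslog-ng folder editable. This command makes everything under /etc/syslog-ng readable, writable and executable by every user: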

sudo chmod -R 777 /etc/syslog-ng




Edit the syslog-ng configuration file, found at /etc/syslog-ng/syslog-ng.conf




For the server:
Add the following lines to the file /etc/syslog-ng/syslog-ng.conf:

source clients {tcp(ip(0.0.0.0) port(514));udp();};

destination clientslogs { file("/var/log/michael"); };

log { source(clients); destination(clientslogs);};




For the client, add these lines:

destination d_udp { tcp("192.168.133.130" port(514)); };

log { source(s_src); destination(d_udp); };




Run the command /etc/init.d/syslog-ng restart on both the client and the server.


It should restart without any problems.




Testing

To test whether syslog-ng is listening on port 514 on the server, run the command:

sudo netstat -tapen | grep ":514 "





Go to the client machine and run the command:

logger "adfklsjvnjkds"




Go to the server machine and navigate to the folder /var/log

Open the file michael

Go to the end of the file; you should find "adfklsjvnjkds"
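
The checks from the testing steps above, as an added shell example that is not part of the original post. It also lists what chmod -R 777 left world-writable so the permissions can be tightened once editing is done. The function names, the client address 192.168.133.131 and the sample netstat text are constructed for illustration.

```shell
#!/bin/sh
# Added example: checks for the syslog-ng setup described on this page.
# All function names here are made up for this example.

# Constructed sample of `netstat -tapen` output from the server (not real data).
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode       PID/Program name
tcp        0      0 0.0.0.0:514             0.0.0.0:*               LISTEN      0          18432       1201/syslog-ng
tcp        0      0 192.168.133.130:514     192.168.133.131:40112   ESTABLISHED 0          18977       1201/syslog-ng
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      0          10211       812/sshd'

# Reads `netstat -tapen` output on stdin; succeeds only if a socket is in
# LISTEN state on local port 514. A bare grep ":514 " also matches established
# client connections, so it cannot tell a listener from a session.
listening_on_514() {
    awk '$6 == "LISTEN" && $4 ~ /:514$/ { found = 1 } END { exit !found }'
}

# Prints files and directories under $1 that any user can write to,
# which is what `chmod -R 777 /etc/syslog-ng` leaves behind.
world_writable() {
    find "$1" -perm -0002 ! -type l
}

# Run on the client: sends a unique marker through logger and prints it,
# so the server-side search cannot match an older line.
send_marker() {
    marker="syslog-test-$(date +%s)-$$"
    logger "$marker" && printf '%s\n' "$marker"
}

# Run on the server: succeeds if marker $2 appears (as a fixed string)
# in log file $1, for example /var/log/michael.
marker_received() {
    grep -qF -- "$2" "$1"
}

# Typical use:
#   server:  sudo netstat -tapen | listening_on_514 && echo "listener up"
#   server:  world_writable /etc/syslog-ng
#   client:  m=$(send_marker)
#   server:  marker_received /var/log/michael "$m" && echo "received"
printf '%s\n' "$SAMPLE_NETSTAT" | listening_on_514 && echo "sample: listener on 514"
```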
