Lab 2.1: Standardizing on Timezone
Time is not recorded consistently across all of our systems. You will note very quickly that none of your systems record the timezone within the syslog entry. Without this data it is very hard to develop a cohesive timeline for events that span multiple log sources and multiple time zones. We are going to fix this.
Make sure to restart syslog after you change the configurations!
RW01
Testing date and logging on rw01. Sometimes a system won't forward date/time information to the logs, so the events lack timing information that can be crucial.

If it is not already done, go to:
sudo nano /etc/rsyslog.conf
Comment out:
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

Deliverable 1. Provide a screenshot similar to the one below that shows increased fidelity as well as timezone/offset information on rw01.

Apply change to web01 and log01
Repeat the steps from rw01 on web01. If it is not already done, go to:
sudo nano /etc/rsyslog.conf
Comment out:
module(load="builtin:omfile" Template="RSYSLOG_TraditionalFileFormat")

Deliverable 2. Provide a screenshot similar to the one below that shows increased fidelity as well as timezone/offset information for web01. The rsyslog.conf line to comment out might look slightly different from the one on rw01.

Deliverable 3. Provide a screenshot similar to the one below that shows increased fidelity as well as timezone/offset information for log01.
Repeat the steps on log01. If it is not already done, go to:
sudo nano /etc/rsyslog.conf
Comment out:
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
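The same change on all three hosts can be scripted and then checked. The following is an added example, not part of the original lab: the function names are hypothetical, the sample files are constructed, and it assumes a sed that supports -E and -i.bak (GNU or BSD).

```shell
#!/bin/sh
# Added example: function names and sample data are constructed for illustration.

# Comment out the traditional-timestamp template in an rsyslog config file.
# Handles the legacy directive (rw01, log01) and the module() form (web01).
# A backup is kept as <file>.bak; already-commented lines are left alone.
disable_traditional_format() {
    sed -i.bak -E \
        -e 's/^[[:space:]]*(\$ActionFileDefaultTemplate[[:space:]]+RSYSLOG_TraditionalFileFormat.*)$/#\1/' \
        -e 's/^[[:space:]]*(module\(load="builtin:omfile".*RSYSLOG_TraditionalFileFormat.*)$/#\1/' \
        "$1"
}

# Succeeds if a log line starts with an RFC 3339 timestamp carrying Z or a
# numeric UTC offset, e.g. 2024-03-01T10:15:30.123456-05:00
has_tz_offset() {
    printf '%s\n' "$1" | grep -Eq \
        '^[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}(\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2}) '
}

# Count the lines in a log file that still lack an offset (0 means all good).
count_missing_offset() {
    n=0
    while IFS= read -r line; do
        has_tz_offset "$line" || n=$((n + 1))
    done < "$1"
    echo "$n"
}

# Demo on constructed files; on the lab hosts, point the functions at
# /etc/rsyslog.conf and a real log (with sudo), then restart rsyslog.
demo_dir=$(mktemp -d)
printf '%s\n' \
    '$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat' \
    'module(load="builtin:omfile" Template="RSYSLOG_TraditionalFileFormat")' \
    > "$demo_dir/rsyslog.conf"
printf '%s\n' \
    'Mar  1 10:15:30 rw01 sshd[812]: constructed line, old format' \
    '2024-03-01T10:15:31.004211-05:00 rw01 sshd[812]: constructed line, new format' \
    > "$demo_dir/sample.log"
disable_traditional_format "$demo_dir/rsyslog.conf"
cat "$demo_dir/rsyslog.conf"
echo "lines without offset: $(count_missing_offset "$demo_dir/sample.log")"
rm -rf "$demo_dir"
```

Entries written before the restart keep the old format, so a non-zero count on an existing log is expected until it rotates.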

