To fix the error: /etc/default/locale: No such file or directory sudo touch /etc/default/locale sudo echo LANG="en_US.UTF-8" > /etc/default/locale sudo echo LANGUAGE="en_US:en" >> /etc/default/locale aptitude install rsyslog-mysql --without vim /etc/rsyslog.conf aptitude install debian-backports-keyring vim /etc/mysql/my.cnf #bind-address = 127.0.0.1 /etc/init.d/mysql restart update mysql.user set host = "%" where user = "rsyslog" and host = "localhost"; grant all on Syslog.* to rsyslog@'%' identified by 'mSySs4qPl'; flush privileges; certtool --certificate-info --infile server aptitude -t lenny-backports install rsyslog rsyslog-gnutls rsyslog-mysql $ModLoad imuxsock # local messages $ModLoad imtcp # TCP listener $ModLoad ommysql # MySQL plugin # make gtls driver the default $DefaultNetstreamDriver gtls # certificate files $DefaultNetstreamDriverCAFile /rsyslog/protected/ca.pem $DefaultNetstreamDriverCertFile /rsyslog/protected/machine-cert.pem $DefaultNetstreamDriverKeyFile /rsyslog/protected/machine-key.pem $InputTCPServerStreamDriverAuthMode x509/name $InputTCPServerStreamDriverPermittedPeer *.student.lab $InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode $InputTCPServerRun 10514 # start up listener at port 10514 *.* :ommysql:127.0.0.1,Syslog,rsyslog,mSySs4qPl LogAnaylzer packages: install apache2-mpm-ikt & php5, php5-mysql, php5-gd client: aptitude -t lenny-backports install rsyslog rsyslog-gnutls $ModLoad imuxsock # local messages $ModLoad imklog # kernel logging # make gtls driver the default $DefaultNetstreamDriver gtls # certificate files $DefaultNetstreamDriverCAFile /rsyslog/protected/ca.pem $DefaultNetstreamDriverCertFile /rsyslog/protected/machine-cert.pem $DefaultNetstreamDriverKeyFile /rsyslog/protected/machine-key.pem $ActionSendStreamDriverAuthMode x509/name $ActionSendStreamDriverPermittedPeer vm30.student.lab $ActionSendStreamDriverMode 1 # run driver in TLS-only mode *.* @@vm30.student.lab:10514 # forward everything to remote server