Highest Voted 'rsyslog' Questions - Server Fault Stack Exchange

2

votes

1 answer

Does rsyslogd send new information or the entire log file upon restart

I'm trying to use rsyslog on a Debian machine to send log data to an external server. The log files that I'm interested in have around 10GB of historical data. When I started on configuring rsyslog I was under the impression that it's going to start…

log-files rsyslog

asked Nov 06 '15 at 19:24

user893730

624
2
12
20

2

votes

0 answers

How can I separate logs with rsyslog from a remote location for devices using the same IP?

I have a number of Yealink SIP phones at different locations that I am trying to centralize log collection for. I have set up a CentOS server at my main location with rsyslog. I am forwarding all traffic from UDP 514 to this server. There is no way…

logging remote syslog rsyslog centralized-logging

asked Sep 21 '15 at 15:06

ButteredToastMan

21
5

2

votes

0 answers

Rotation and continuous writing of large log files with rsyslogd

I have an extremely busy log file (let's call it /var/log/service.log) that is also frequently searched for troubleshooting reasons. Output to it is nearly continuous and 24/7. It probably puts out around 1-2 GB/day, but we need all of it. Because…

linux centos logging rsyslog log-rotation

asked Aug 11 '15 at 16:57

Alex Balashov

907
2
9
16

2

votes

0 answers

logger not logging to remote rsyslogd instance

I am running CentOS 7.0.1406 with rsyslogd 7.4.7 and logger from util-linux 2.23.2. I have two machines connected via a switch. When I try to use logger to log from one machine to the other, nothing is logged. When I use the --stderr option, nothing…

networking centos logging log-files rsyslog

asked Jul 01 '15 at 16:02

greg

101
1
7

2

votes

1 answer

Remote logging with rsyslog - Cannot load module lmnsd_gtls.so

I have 2 servers and an office NAS on which I want the two servers to dump their logs. Only 1 server is successfully logging to the NAS. The other server continues to produce this error message in /var/log/messages: May 16 09:01:01 elmer…

rsyslog

asked May 16 '15 at 09:08

David W

3,453
5
36
62

2

votes

1 answer

rsyslog not writing log file after restart

First off, thanks for spending the time to have a look at this issue, its much appreciated. I've had the attached rsyslog.conf configuration running for sometime now until today when I had to restart rsyslog as a disk was getting full. The result is…

redhat syslog rsyslog

asked May 04 '15 at 08:39

skittles

23
3

2

votes

3 answers

Squid cannot log to syslog

According to this documentation: http://www.squid-cache.org/Doc/config/access_log/ squid should be able to log to rsyslog with the following directives: access_log syslog:daemon.info squid cache_log syslog:daemon.info squid However when I try to…

squid rsyslog

asked Apr 17 '15 at 09:48

napalmbrain

31
1
3

2

votes

0 answers

How to figure out why some characters go missing in rsyslog -> logstash pipeline

I am trying to figure out why some messages received by logstash have some text missing from them. I am sending the logs from an Untangle NGFW (11.0 - licensed) to logstash so that I can keep historical records of web filter logs etc. I first…

rsyslog logstash

asked Apr 07 '15 at 14:33

Rumbles

994
1
12
28

2

votes

1 answer

configure and test rsyslog to UDP socket

I am trying to use https://github.com/gliderlabs/logspout so I can see all the logs from my containers in one place. I need rsyslog to listen on UDP socket on port 514. I uncommitted $ModLoad imudp and $UDPServerRun 514 in /etc/rsyslog.conf and…

ubuntu rsyslog docker

asked Feb 15 '15 at 03:34

user3538553

151
1
1
5

2

votes

2 answers

Forwarding logs in nested directories with rsyslog

I have log forwarding set up using rsyslog and imfile. How could I go about watching nested log files? Right now I'm using wildcards to watch all files matching log/*.log, but I have logs nested 1 level deep that I need to forward as well:…

rsyslog

asked Jan 15 '15 at 22:49

dsomach

21
3

2

votes

0 answers

Is it possible to filter rsyslog messages based on an environment variable, the content of a file or the output of a command?

I am configuring setup scripts for automatically created VMs which need to filter syslog messages in rsyslogd based on an environment variable. I need to be able to change where logs get sent based on environment variable, the output of a command or…

rsyslog

asked Sep 29 '14 at 23:21

Daniel Evans

121
2

2

votes

1 answer

TCP rsyslogd events showing up as 2000 character continuations

I'm taking syslog events from a proprietary app. This could be the app's fault or it could be rsyslogd. Events are written like: Aug 15 16:00:00 10.11.12.13 Event1 from this wonderful product using this odd Aug 15 16:01:00 10.11.12.13 format.…

tcp syslog rsyslog

asked Aug 15 '14 at 20:43

mgjk

874
3
9
20

2

votes

2 answers

Using (r)syslog's dynamic file generation

I am in the middle of configuring a (r)syslog server as a remote server that receives logs from various clients. I wonder whether there is a nicer way to dynamically generate multiple file names as opposed to create a template for any…

tcp syslog rsyslog

asked Aug 13 '14 at 07:38

Andrew Tobey

253
1
2
8

2

votes

1 answer

Forward linux logs to fluentd on linux

On one VM I have this in /etc/rsyslog.d/50-default.conf *.* @192.168.29.1:42185 # Default rules for rsyslog. On the vm with fluentd I have this: I have this in /etc/td-agent/td-agent.conf type syslog port 42185 tag …

linux ubuntu-12.04 rsyslog fluentd

asked Aug 08 '14 at 18:51

James Black

133
1
8

2

votes

1 answer

IPTables custom log failing

I'm currently trying to split out some of my IPTables logging from kern.log into a file called iptables.log. Basically, I have several different adapters and I'm logging requests to port 80 on each one. These rules are working and outputting fine…

iptables logging rsyslog

asked Aug 01 '14 at 14:28

tparrott

185
1
3
9

Questions tagged [rsyslog]