Questions tagged [rsyslog]

rsyslog is an enterprise-ready replacement for the syslog daemon on Linux and other UNIX operating systems.

It consists of an open source project with commercial addons such as the ability to log Windows events, as well as available support contracts.

681 questions
0 votes, 1 answer

rsyslog template not working correctly

Can anyone help me out with this exotic problem? I have some syslog servers forwarding messages to a central syslog server (rsyslogd 7.4.7). In the central syslog server I don't want to add timestamps to an already stamped message so I created a…
0 votes, 1 answer

Rsyslog. How to count messages sent to kafka

I am using rsyslog for sending data from nginx to kafka. Pipeline looks like following: nginx -> unix_socket -> rsyslog -> omkafka module -> kafka Omkafka module for rsyslog uses tcp for transferring messages, so I can easily count bytes of…
Samriang
0 votes, 1 answer

Send logs to rsyslog and logstash on the same machine but avoid double sending of data

I have a situation where I want to receive UDP traffic on two different ports on the same machine (two different services) and would like to avoid double sending of data. So, this is the idea: (rsyslog client) ----(network)---> (10540 rsyslog and…
user373333
0 votes, 1 answer

rsyslog: Log some messages only to specific file

My firewall logs get written to my custom iptables.log file, but also to kern.log, messages, and syslog. I don't want these messages duplicated in all these logs. What is wrong with my config? $ cat /etc/rsyslog.d/iptables.conf # This works, and…
mivk
0 votes, 1 answer

rsyslog 8 wildcard stops sending

We are having an issue with the rsyslog8 wildcard feature and logs that are generated with the date in them by default. Rsyslog will send log messages when I first add the config but then stops sending after initially processing the files. …
tweeks200
0 votes, 1 answer

rsyslogd won't start correctly on Ubuntu 14.04.4 LTS while using the Init-Script

Somehow my init-script for rsyslogd does not work. I tried to enable rsyslogd to accept logging-data on udp:514. If I start my rsyslogd via Init-Script, no logging-data is forwarded. Not even syslog! And no port is bound. netstat -plantu | grep 514…
Mrk
0 votes, 1 answer

Syslog filter to own file by tag or text contain

I need to log from my Python application to syslog. In syslog I want to filter messages from my app to its own file. I'm using Debian 8.3. My rsyslog rules: # cat /etc/rsyslog.d/99-MyLog.conf :syslogtag, isequal, "MyLog" /var/log/mylog.log :msg,…
martin
0 votes, 1 answer

Configure rsyslog client to send different log filename to a syslog-ng server

I have multiple servers with rsyslog configured to write logs to a remote syslog-ng server configured like this: # Log anything of level info or higher. # Don't log private authentication messages! *.info;authpriv.none …
xergiopd
0 votes, 1 answer

rsyslog : logs in double in my file

I've configured my firewall to send logs to rsyslog. But all logs appear twice. cat fortigate100D | grep "sessionid=97294098" Jun 27 11:24:16 date=2016-06-27 time=11:24:16 logid=0000000013 type=traffic subtype=forward level=notice vd=root…
Alex Lum
0 votes, 1 answer

Rsyslog not capturing Remote log

I am on the way to configure LogAnalyzer with Rsyslog server. I am all done with HTTP configuration, but my loganalyzer is only logging logs from localhost. I am a little bit confused about where to configure the snmp string/community. Even though I check…
0 votes, 2 answers

Rsyslog output in GELF

rsyslog is powerful, but its docs aren't that explicit. I can't figure out how to parse a log file and route it directly to Graylog in GELF format. I have found bits of documentation about outputting gelf in rsyslog but I'm not sure how to proceed.…
Buzut
0 votes, 2 answers

Rsyslog pull tools or strategy

I would collect the log (in particular auditd but also other syslog log) produced by several linux servers in a centralized syslog server installed in a linux server. I would configure the centralized syslog server in a secure network where the…
NoNoNo
0 votes, 2 answers

Redirecting log from /var/log/kern.log to a separate log file for iptables log

I am trying to redirect iptables log to another file. Based upon my reading on the net, I did the following: In my iptables rule, I have rules like: iptables -A INPUT -s ... -j LOG --log-prefix "iptables@@" Then in the folder /etc/rsyslog.d, I…
Sunny
0 votes, 2 answers

rsyslog TLS on AIX

I am trying to forward logs with rsyslog (8.4.2) on AIX 7.1 and I need to encrypt with TLS. However it seems I need rsyslog-gnutls package. I can't seem to find this package anywhere for AIX. Best I could find is…
CodyK
0 votes, 1 answer

Read an environment variable (or environment file) from an rsyslog config?

I'm building AMIs here for my organization which include default configuration to send all of our logs to Loggly from rsyslogd. It works pretty well, but I'd like to be able to customize the configuration from a cloud-init script to provide custom…
Naftuli Kay