Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [rsyslog]

rsyslog is an enterprise-ready replacement for the syslog daemon on Linux and other UNIX operating systems.

rsyslog is an enterprise-ready replacement for the syslog daemon on Linux and other UNIX operating systems.

It consists of an open source project with commercial addons such as the ability to log Windows events, as well as available support contracts.

681 questions
0
votes
1 answer

rsyslog - assigning a modified property to a cee variable

So I'm going nuts trying to get a sortable timestamp from rsyslog into a CEE variable which will go to ElasticSearch. Right now I'm using: set $!tgen = $timegenerated; from which the field looks like "Apr 4 13:52:26" -- useless for sorting. From…
Micah Yoder
  • 320
  • 1
  • 2
  • 7
0
votes
1 answer

imported log into rsyslog not sent to remote server when rotated

So right now I have a bunch of production servers, and I setup remote logging through rsyslog to our staging servers. For anything actually logged through rsyslog it works fine (Even when rotated) but our php5_errors log is not handled through…
Excolo
  • 63
  • 1
  • 5
0
votes
2 answers

How should I rotate rsyslog documents stored in mysql

I have setup rsyslog to dump syslog data into mysql so that LogAnalyzer can easily access and interact with it. How do I automate a job to remove syslog data of a certain age for the mysql database so it doesn't fill my HD?
flickerfly
  • 2,753
  • 3
  • 25
  • 27
0
votes
2 answers

Using rsyslogd on only 1 of 2 systems

I have two systems. One is a laptop and has rsyslog. The other is embedded system that doesn't have rsyslog. What I'd like to do is log messages from the embedded system on the laptop. I've configured the laptop /etc/rsyslog.conf to listen on TCP…
user800133
  • 35
  • 6
0
votes
1 answer

rsyslog: "-" prepended to action path / ftp.* does not log

following config rules: auth,authpriv.* /var/log/auth.log *.*;auth,authpriv.none -/var/log/syslog #cron.* /var/log/cron.log daemon.* -/var/log/daemon.log ftp.* …
Daniel W.
  • 1,609
  • 4
  • 26
  • 48
0
votes
1 answer

Monitor application log files with variable names with rsyslog

I have an application on linux that puts randomly (truly randomly, not following any pattern) named log files in /opt/application/logs. I need to read all these files with rsyslog and forward their content to a central rsyslog server. The forwarding…
Zizzencs
  • 947
  • 1
  • 10
  • 22
0
votes
1 answer

Hosts.deny file not being updated by denyhost service

I have denyhosts running on my server to block IPs that repeated fail to login over ssh, for example brute force style attacks. I can see that entries in the auth.log file have not been updated in the hosts.deny file for some time. How can I check…
niallhaslam
  • 101
  • 2
0
votes
1 answer

How to forward postfix event logging to an http endpoint?

I would like to monitor postfix with a tool I wrote my self, I need to do it live right after sending, my optimal solution will be somehow make postfix send it's events to a logging system other then rsyslog I am running now, and have this system…
David MZ
  • 249
  • 1
  • 3
  • 7
0
votes
1 answer

rsyslog. Filter doesn't work

I use ubuntu-server. I try to set filter in my rsyslog.conf for accepting only remote logs from my D-link. that is debug Debug line with all properties: FROMHOST: 'fromname', fromhost-ip: '192.168.1.1', HOSTNAME: 'DSR-500N', PRI: 4, syslogtag…
Abdus
  • 115
  • 1
  • 2
  • 8
0
votes
1 answer

Compiling rsyslog with zlib

I'm trying to compile rsyslog but it fails with CC rsyslogd-smtradfwd.o CC rsyslogd-iminternal.o CC rsyslogd-pidfile.o CCLD rsyslogd ../runtime/.libs/librsyslog.a(librsyslog_la-parser.o): In function…
Paté
  • 115
  • 1
  • 5
0
votes
2 answers

Server unresponsive, messages shown on console but not in log files

I'm using Ubuntu Server 10.04.4, and once in a while the server hangs (once a month) and is totally unresponsive. The tty is flooded with messages like these. The problem is that these messages are not in my log files after reboot. How to log these…
raistlin majere
  • 1
0
votes
1 answer

Trouble with backslash characters and rsyslog writing to postgres

I have rsyslog 4.6.4 configured to write mail logs to a PostgreSQL database. It all works fine, until the log message contains a backslash, as in this example: Jun 12 11:37:46 dc5 postfix/smtp[26475]: Vk0nYDKdH3sI: to=<-----@----.--->,…
Flimzy
  • 2,454
  • 18
  • 26
0
votes
1 answer

rsyslog from Heroku drain creates empty log files

I'm sending logs from my Heroku app to an rsyslog server, but the resulting log files seem to come up empty. The rsyslog configuration for receiving remote messages is as follows: $template…
Jeff Lee
  • 171
  • 4
0
votes
1 answer

syslog - log line classifications

A very generic question; in the context of a programmer, with operational aspect of the process (program) in mind. Is there any sort of best-practice / guide to classify messages, particularly in the context of SaaS / multi-tenancy (server) software…
CodeMedic
  • 304
  • 1
  • 2
  • 11
0
votes
1 answer

How to remote log with Nginx

Have anybody experience on remote access and error logging of Nginx? We have such setup for Apache, but would like to migrate to Nginx.
Roman Newaza
  • 632
  • 4
  • 13
  • 23
1 2 3
45 46