Questions tagged [rsyslog]

rsyslog is an enterprise-ready replacement for the syslog daemon on Linux and other UNIX operating systems.

It consists of an open source project with commercial addons such as the ability to log Windows events, as well as available support contracts.

681 questions
0
votes
1 answer

Combine thousands of logger instances

We have Apache 2.4 set up with over 1000 vhosts, and multiple instances of logger in each: CustomLog "|/usr/bin/logger -t apache-access -p local6.notice -n x.x.x.x" access_log Restarting httpd takes 90+ seconds because it's opening thousands of…
Bastien974
0
votes
1 answer

rSyslog stopped sending only SOME data

I have configured remote logging from one of my servers to the central log server via rsyslog TCP/SSL. Everything worked fine until yesterday, when most of the files just stopped being transmitted while some are still sent/updated on the log server. I…
Mr.P
0
votes
0 answers

Rsyslog high performance TLS logging

We have been using the imptcp module for remote logging of a high amount of logs (over 1M log lines per minute) received from >40 servers. Now we would like to switch to TLS, but it looks like imptcp does not support TLS, only imtcp. Will imtcp support that…
forke
0
votes
0 answers

How do I send log data through a proxy using rsyslog

I have a few hosts in a private subnet. All connections, incoming and outgoing, for this private subnet must go through a proxy. I have rsyslog running on the hosts in the private subnet. I must send the logs from the private subnet hosts to our…
Sandeep M
0
votes
0 answers

How does rsyslog accept remote logs to be written to the specified file path?

I want to write remote logs to the /data directory # cat /etc/rsyslog.d/default.conf #### GLOBAL DIRECTIVES #### $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat $template myFormat,"%timestamp% %fromhost-ip% %syslogtag%…
0
votes
1 answer

Postfix logging to syslog even though it's excluded

Ubuntu 22.04 and postfix 3.6.4. Postfix config is set to use syslog_facility=mail, and I have modified /etc/rsyslog.d/50-default.conf to the following: *.*;mail,auth,authpriv.none -/var/log/syslog mail.warn …
Brett A.
0
votes
1 answer

In Rsyslog, how do you replace regex matches with custom text?

I'm trying to capture text via regular expression and replace the text with a custom string. My current code successfully captures IP addresses, but I don't know how to replace the IP address with custom text along with the rest of the…
Drin
0
votes
0 answers

nextjs/pino transport to aws linux2 syslog

I'm building my first NextJS project, and am using the recommended Pino for logging. This has worked great in development, but now I'm trying to figure out how to deploy it to production. I think the simplest form of my question is "how do I get…
philolegein
0
votes
0 answers

Proper rsyslog configuration

I have Debian 8 (Jessie) and need to write messages to log. Suppose, I have a program which sends to syslog: #include int main() { openlog("progname", LOG_CONS, LOG_USER); const char* msg = "{\"dt\":\"1670932865\",\"msg\":\"OK\"}"; …
Boris
0
votes
0 answers

SFTP logs to different files

I'm configuring an SFTP server and having some issues with logs ending up in different places, depending on a group membership. This is on RHEL 8 but the same issue exists on an old RHEL 6 machine. Most users are SFTP only and have no shell access,…
anlag
0
votes
1 answer

define custom fields for systemd-journald

The doc states, it may be possible to define new fields by applications. What does it mean? Can one define arbitrary fields or are only those possible listed in the doc USER JOURNAL FIELDS? If arbitrary fields are possible, how to define them then?
woodz
0
votes
0 answers

rsyslog is not capturing logs from remote server post log rotation

I have configured rsyslog on my CentOS-7 server to receive logs from a network device. And, it is receiving logs at the configured file path. But, when the log rotation is done, it creates a new file and zips the existing log file as configured.…
Sophie
0
votes
0 answers

php-fpm access log to rsyslog

I am trying to find a solution for getting logs from a php72 php-fpm yii2 application behind nginx on a number of servers: right now the application writes its logs to files on the server disk, and yii performs rotation of the log files. But this solution…
0
votes
0 answers

RootDirectory in systemd ignored?

I am trying to execute a service but the result is "Failed to locate executable /usr/sbin/myservice: No such file or directory". The service runs under chroot. Service…
JozefSK
0
votes
0 answers

Rsyslog over TLS

I'm now trying rsyslog, I'm trying to receive logs from an external system (barracuda: https://campus.barracuda.com/product/essentials/doc/85494328/syslog-integration/ but someone else manages this system) using rsyslog over TLS. Actual behavior: I…