
Still wrapping my head around logging technology. I'm following the fluentd to graylog2 recipe but I don't understand this step:

Open /etc/rsyslog.conf and add the following line to the beginning of the file:

*.* @127.0.0.1:5140

Then, restart rsyslogd by running sudo /etc/init.d/rsyslog restart.

What's supposed to listen on 127.0.0.1:5140? Is rsyslog a fluentd dependency?

user638145

2 Answers


According to Parse Syslog Messages Robustly:

The problem with syslog is that services have a wide range of log format, and no single parser can parse all syslog messages effectively.

Rsyslog seems the recommended way to forward logs to fluentd.

jtlindsey
user638145

Fluentd listens on port 5140 if you enable the Rsyslog input. Changing the line in /etc/rsyslogd.conf forwards the traffic from Rsyslog to Fluentd.

However, if you don't want to turn on Rsyslog you can just send the traffic straight to port 5140.

Ryan Lavelle
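What the forwarding rule and the listener on 127.0.0.1:5140 amount to, as an added example that is not part of the original answers or of Fluentd: in rsyslog a single `@` forwards over UDP, so each message becomes one unacknowledged datagram that starts with a `<PRI>` header. The Python listener below is a stand-in for Fluentd's syslog input; the function names and the sample log line are constructed for illustration.

```python
import socket

SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

def parse_pri(datagram: bytes):
    """Split b'<PRI>rest' into (facility, severity_name, rest)."""
    text = datagram.decode("utf-8", errors="replace")
    # PRI is 1-3 digits, so '>' must appear within the first five characters.
    if not text.startswith("<") or ">" not in text[1:5]:
        raise ValueError("missing <PRI> header")
    end = text.index(">")
    pri = text[1:end]
    if not pri.isdigit() or int(pri) > 191:  # 23 * 8 + 7 is the largest valid PRI
        raise ValueError("invalid PRI value")
    facility, severity = divmod(int(pri), 8)
    return facility, SEVERITIES[severity], text[end + 1:]

def listen(host="127.0.0.1", port=5140):
    """Bind the UDP socket that the rsyslog rule sends to (stand-in for Fluentd)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((host, port))
    sock.settimeout(2.0)  # UDP has no delivery guarantee; do not block forever
    return sock

def forward(message, facility, severity, dest):
    """Per message, what '*.* @host:port' does: one datagram, no acknowledgement."""
    pri = facility * 8 + severity
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sender:
        sender.sendto(f"<{pri}>{message}".encode("utf-8"), dest)

def roundtrip(message, facility=4, severity=6, port=0):
    """Send one message over loopback and return what the listener parsed.

    port=0 picks a free port so the demo never collides with a real
    listener; pass port=5140 to mirror the rule from the question.
    """
    with listen(port=port) as sock:
        forward(message, facility, severity, sock.getsockname())
        data, _ = sock.recvfrom(8192)
    return parse_pri(data)

if __name__ == "__main__":
    # Constructed sample line in the traditional syslog layout.
    print(roundtrip("Jan  1 00:00:00 host sshd[123]: constructed sample line"))
```

If nothing is bound to the destination port, the sender gets no error and the messages are silently dropped, which is why the listener has to be running before relying on the rule.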