Questions tagged [rsyslog]

Rsyslog is an enhanced syslogd with many additional features

Rsyslog is an enhanced syslogd that supports, among other things, MySQL, PostgreSQL, and failover log destinations. Features like encryption, failover destinations, and precise timestamps make it an ideal candidate for enterprise log management. It is available in two flavors: a supported edition and a community edition.

729 questions
0 votes, 2 answers

Does fluentd depend on rsyslog?

Still wrapping my head around logging technology. I'm following the fluentd to graylog2 recipe but I don't understand this step: Open /etc/rsyslog.conf and add the following line to the beginning of the file: *.* @127.0.0.1:5140 Then, restart…
user638145
0 votes, 0 answers

Issue with regexp rsyslog

I have these logs **[06/Aug/2016: 11:47:28 +0200]** [ Warning. Match of "rx \\.(jpg)$" against "REQUEST_FILENAME" required. [file "/mod_security2/modsecurity.conf"] [line "29"] [id "980"] **[msg "USER_ACTIONS_TRACKING…
0 votes, 1 answer

Puppet agent not logging when master is located in the same node

I have been running puppet master and agent on the same node. While master works correctly, it seems the agent is not logging. I checked the /var/log/puppet folder and rsyslog, but they have nothing about the agent. I am using the following…
EGS
0 votes, 1 answer

rsyslog file pointer when reading gigs of local logs

So I have been doing some digging on rsyslog, trying to figure out how it keeps track of where it left off when reading from a log file. On our new hosts we have already seen gigs of local logs being generated. If the rsyslog daemon crashes or must…
Kid Oob
0 votes, 2 answers

Flume. Strip all tags from syslogudp source

I am using apache-flume with syslogudp source. I set the following in flume.conf: agent.sources.r1.type = syslogudp agent.sources.r1.port = 5140 agent.sources.r1.host = localhost agent.sources.r1.channels = c1 And the following nginx.conf…
Samriang
0 votes, 1 answer

Is there a good way to handle NAND corruption because of large amount of log messages (rsyslog used) in Linux?

I am having an issue related to NAND corruption because of the big amount of log messages being written (I cannot control the amount of logs), so the amount of writes are corrupting the NAND, or that is what has been found, so, my question is, can I…
0 votes, 1 answer

Rsyslog: imfile does not switch to inotify mode

I'm trying to send multiple nginx logs to loggly... Config file: /etc/rsyslog.d/21-nginx.conf $ModLoad imfile #$InputFilePollInterval 10 $InputFileMode inotify $WorkDirectory /var/spool/rsyslog $PrivDropToGroup adm # nginx…
0 votes, 0 answers

Redirect log4j console output to remote log server

I'm managing a Stand-alone Java application which uses log4j facility to handle logging. I need to redirect its output to remote Rsyslog server. I configured log4j.properties files, but I can't restart this application, due to it's a…
zsys
0 votes, 1 answer

Collecting logs from hardware devices and application software using syslog-ng

I need to collect logs from devices like firewalls, printers, routers, switches, proxy servers, mail servers, DB servers, anti-virus software and other software for both Linux and Windows platforms. Will I be able to do that with any single…
Debashisenator
0 votes, 1 answer

rsyslog template "eating" the first part of a message

I'm logging messages to syslog with Python's SysLogHandler. The problem is that startswith combined with a template seems to "eat" the beginning of the logged string. Rsyslogd is version 8.4.2, Python 2.7.9 (same behaviour on 2.7.11). It does not…
lorenzog
0 votes, 1 answer

My syslog file has auth.debug twice. Which entry will get the log?

I am working on a project to update syslog.conf files in our unix environment. I discovered that many have duplicate entries. I don't know which will work or will they all work. Here are the existing entries. auth.debug @10.X.XXXX.XX auth.debug …
CharlieB
0 votes, 1 answer

How to force rsyslog ommysql use utf8?

I'm using ommysql in rsyslog for transferring data into MySQL $ModLoad ommysql local6.* :ommysql:localhost,Syslog,rsyslog,1 but Cyrillic data goes like "·Ð¾Ð²Ð°Ð½Ð¸Ðµ иÑ�точнÐ" in database. I think it's because ommysql doesn't set utf8…
Mike
0 votes, 0 answers

Is it possible to configure rsyslog with two spool files?

Is it possible to configure rsyslog with two spool files or is it possible to separate the spool configuration to two different file locations based on a certain logic?
Joly
0 votes, 1 answer

What field does the Docker tag relate to in RFC 5424

My Docker syslog tags are being truncated at what seems to be 32 characters. When I look at RFC 5424 I am not sure which field it is. Anyone know? I am trying to verify the allowed length the tag can be. Apr 19 06:43:05 ord-nodecore-prd-01…
DDDD
0 votes, 1 answer

Specific logging with rsyslog and ELK

I have an rsyslog server and ELK stack running on the same server. Our application is forwarding logs to rsyslog and is forwarding it to localhost. We now want to split up our logging (frontend and backend logging). Our frontend dev has added a tag…