Questions tagged [rsyslog]

Rsyslog is enhanced syslogd with lot of enhanced features

Rsyslog is enhanced syslogd and supports among other things MYSQL, PostgreSQL, failover log destination etc. Features like encryption, failover destination, precise timestamps etc make it a ideal candidate for enterprise log management. It is available in both flavors: with support and community edition.

References:

729 questions

votes

1 answer

systemd messages not showing in /var/log/messages

systemd version is systemd-201-2.fc18.9.i686 journald is masked. rsyslog version is rsyslog-7.2.6 I see all messages logs coming in /var/log/messages except for systemd messages. I see systemd messages in dmesg buffer but not in…

asked Nov 26 '15 at 11:25

user3872776

votes

0 answers

Regex for extract the Exception Message fields (Used rsyslog as a message source)

I'm creating log parser to parse the log message from different source like rsyslog, logback extension, nxlog etc. I have to extract exception message fields. But I stuck while generating regex for below test string. Test String: 2014-10-16…

regex exception rsyslog

asked Nov 10 '15 at 05:06

Amit

votes

0 answers

Rsyslog Ruleset - Not always working correctly

I have a ubuntu 14.04 server with Rsyslog running. The ruleset in 50-default.conf: ruleset(name="eventlog"){ action(type="omfile" file="/var/log/eventlog.log") } ruleset(name="networklog"){ action(type="omfile"…

rsyslog

asked Nov 06 '15 at 19:09

uid500

votes

1 answer

rsyslog write $programname as kafka topic

I want to write messages from rsyslog to kafka, use rsyslog $programname or $syslogtag as topic, however, omkafaka plugin didn't accept params, how can I achieve this? I have tried using (type="omkafka" topic="$programname" ...), it fails.

apache-kafka rsyslog

asked Nov 06 '15 at 06:11

sayume

votes

0 answers

rsyslog if then clause fails when an action provided

I want to filter some logs from clients and push them to kafka, however, it didn't work, log config file: module(load="omkafka") module(load="imtcp" streamdriver.mode="1" streamdriver.authmode="anon") input(type="imtcp" port="10514") if $msg…

rsyslog

asked Nov 04 '15 at 07:18

sayume

votes

2 answers

Making logging of arrays in syslog readable

For troubleshooting, I often wish to log arrays and/or objects and use something like syslog(LOG_INFO,'cmds: '.print_r($cmds_reply,1)); which produces the following output. My difficulty is reading the log with all the superfluous characters and…

php syslog rsyslog

asked Nov 03 '15 at 14:39

user1032531

24,767
68
217
387

votes

1 answer

How to decipher traffic from syslog-ng to syslog

I have a centralized syslog-ng system that is taking in feeds from various servers, and putting it into storage. Fortunately, I was forward thinking and I have each system coming in on its own port, which helps me delineate which traffic is…

logging tags syslog rsyslog syslog-ng

asked Oct 27 '15 at 19:23

jasonmclose

1,667
4
22
38

votes

1 answer

Configure server name in Linux audit logs sent to rsyslog

I've configured audit server to forward the logs to a centralized rsyslog server. Is there a way to configure the server type or something unique to a group of servers in the log message? I've set the name_format to "user" and name to be a unique…

linux audit rsyslog

asked Oct 23 '15 at 20:40

R. Puram

votes

1 answer

Getting error while streaming to syslog to jKool Cloud

I am trying to stream my Ubuntu rsyslog/syslog log messages to central log analytics service jKoolCloud and I am getting the following error: java.lang.SecurityException: Failed to authenticate with service='https://data.jkoolcloud.com:6580' …

logging syslog rsyslog jkoolcloud

asked Oct 23 '15 at 02:01

David Cheng

votes

1 answer

NXlog ignores multiline tomcat stacktraces while sending to Papertrail

I am able get the stacktrace[exceptions] from rsyslog (v-8.13.0) to a common nxlog server which sends the logs to a papertrail server. But the nxlog server ignores these multiline logs to papertrail. I know there is a module (xm_multiline) in nxlog…

tomcat7 stack-trace rsyslog nxlog papertrail-app

asked Oct 20 '15 at 10:01

Nishant Singh

3,055
11
36
74

votes

1 answer

Rsyslog - Monitor a custom log file

I am using Ubuntu 14.04 and I have managed to use rsyslog to push my Apache error logs to Papertrail. I then moved onto monitor another log file and after a restart and commenting out the Apache config lines, I still get Apache logs being…

apache rsyslog papertrail-app

asked Oct 13 '15 at 14:55

Abs

56,052
101
275
409

votes

1 answer

Openstack Instance syslog

I need to get the syslog of the instances created by openstack. I am able to get console log but I need the syslog of the instance. Could you please help me?

openstack syslog rsyslog openstack-nova

asked Oct 13 '15 at 07:03

Satheesh

votes

1 answer

How to change/customize log formats in /var/log/messages ,/var/log/secure etc

I want to change the log message format which is getting printed in /var/log/messages. I checked in rsyslog.conf file also ,but i didnt find anything relevant to this. Please help.

linux logging syslog rsyslog

asked Oct 09 '15 at 06:50

SecureTech

votes

1 answer

Logs not received on remote syslog server

I am trying to centralize logs (/var/log/secure and /var/log/messages) from a Linux server (rsyslog) to a Solaris server (syslog). My rsyslog.conf file: #### RULES #### # Log all kernel messages to the console. # Logging much else clutters up the…

syslog rsyslog

asked Oct 07 '15 at 08:56

WetSocks

votes

0 answers

Flume syslogtcp source using rsyslog

I need to ingest data from remote server using flume to hdfs:: I have used source as syslogtcp. My flume.conf file is as: Agent.sources = syslog Agent.channels = MemChannel Agent.sinks = HDFS Agent.sources.syslog.type =…

syslog rsyslog flume-ng

asked Sep 28 '15 at 14:33

Manish

Prev 1 2 3

…

48 49 Next