Skip to main content
Server Fault

Questions tagged [rsyslog]

Ask Question

rsyslog is an enterprise-ready replacement for the syslog daemon on Linux and other UNIX operating systems.

702 questions
Newest Active Bountied Unanswered
0 votes
1 answer
151 views

I need to have two instances of rsyslogd running on an ubuntu 2404. One being the systems local syslog server which is locked down to enterprise standards and one for a syslog relay for collecting ...
Russell Fulton's user avatar
  • 325
0 votes
0 answers
86 views

I have two VMs, with the identical rsyslog version and configuration: rsyslogd -v rsyslog internal message (3,-2455): could not transfer the specified internal posix capabilities settings to the ...
Hasan Can Saral's user avatar
  • 121
2 votes
1 answer
67 views

We have a number of hosts with domain names (the hosts are not aware of this domain name and do not send it.) We accept logs from those hosts based on their IP address: if ($fromhost-ip == '192.168.1....
miken32's user avatar
  • 1,048
0 votes
0 answers
87 views

I'm trying to convert log from a specific format received on UDP port to RFC 5424 using mmnormalize rsyslog module (liblognorm). But after multiple attempt, I'm not able to get the log in the correct ...
N. G's user avatar
  • 1
1 vote
1 answer
110 views

ubuntu 24.04: I know that my program can write to stdout and rsyslog can write that to a file. The problem with this is that log rotation is painful. So I would much rather have rsyslog handle the ...
Russell Fulton's user avatar
  • 325
4 votes
2 answers
521 views

I am attempting to use rsyslog's omprog output driver to process logging data and apparmor is preventing the program starting. Aug 14 07:55:29 secmgrprd09 kernel: audit: type=1400 audit(1755114929.929:...
Russell Fulton's user avatar
  • 325
0 votes
2 answers
225 views

On an Ubuntu 24.2 server I run rsyslog. Logfiles are automatically created based on reverse DNS; my intended operation. After an unscheduled reboot, some filenames were based on IP addresses. Quite ...
MH010's user avatar
  • 3
1 vote
0 answers
116 views

I see lines like this in the output from impstats: action-21-builtin:omfwd: origin=core.action processed=87059 failed=0 suspended=0 suspended.duration=0 resumed=285 How do I relate the number 21 ...
Russell Fulton's user avatar
  • 325
2 votes
1 answer
307 views

Running rsyslog v8.2102.0-15.el8_10.1 on RHEL 8.10 (and 9.6). It logs these messages about clients sending syslog via TLS: Jul 17 13:06:38 rsyslog-server rsyslogd[1782767]: unexpected GnuTLS error -54 ...
Wei Wang's user avatar
  • 21
1 vote
2 answers
378 views

Running rsyslog version 8.2412.0-1.el9 on Red Hat Enterprise Linux 9.6. I'm trying to set a custom variable that I can check later in the configuration with this statement: if $syslogtag == "...
Wei Wang's user avatar
  • 11
0 votes
0 answers
79 views

I am facing an issue in my server. Sometime syslog auto restart. But after auto restart postfix is not create any logs. When restart postfix manually then it will work. How to solve this issue. root@...
Rumaion Tomal's user avatar
  • 51
0 votes
1 answer
132 views

system ubuntu 24.04, package Version: 8.2312.0-3ubuntu9.1 I have created a file in /etc/rsyslog.d : module(load="impstats" interval="900" severity="7" ...
Russell Fulton's user avatar
  • 325
0 votes
1 answer
277 views

I've encounterd an odd behavior I do not fully understand. Journald is supressing auditd messages being send out by rsyslog to a remote server for some reason on my centos 7-x64 VM: Thats the ...
shark0x00's user avatar
  • 3
0 votes
0 answers
104 views

I set up rsyslog on a raspberry pi to track some very noisy systems (into /var/log/router.log). I don't need to keep a lot of data, so I want to rotate out the logs quickly, or preferably, by log size....
icicleking's user avatar
  • 103
0 votes
1 answer
185 views

I need to override the priority and facility values in messages forwarded to one destination. There does not appear to be a 'property replacer' option to do a simple text replacement in a template. ...
Russell Fulton's user avatar
  • 325

15 30 50 per page
1
2 3 4 5
47