rsyslog

The rocket-fast system for log processing

How to use debug on demand?

This article should show how the "debug on demand" function works in rsyslog. It has been tested and verified with rsyslog 6.1.0 (v6-Devel) on Fedora 13 (steps may vary on different OS). It is assumed, that rsyslog is already working on the system. On notes regarding the installation and configuration, please take a look at the documentation. Debug on Demand is available since version 4.5.7.

To get this option working, we need to enable it first. This is done by enabling it and specifying a path for the debug log file. Open up a terminal with root rights and use the following commands:

export RSYSLOG_DEBUG="DebugOnDemand NoStdOut"
export RSYSLOG_DEBUGLOG=/somepath/example.log

The first option enables the "debug on demand" itself without standard output. This is necessary to have it disabled when starting the service. The second option specifies the path and name of the log file.

Now we have to stop the rsyslog service, before we are ready. Use the following command:

/etc/rc.d/init.d/rsyslog stop

We have now stopped the service and need to start it again. In the current configuration we need to start rsyslog as a foreground application. Due to it being much simpler to configure it this way, rsyslog needs to be a foreground application for "debug on demand" to work instead of a background service. Start it again as foreground application with the following command:

rsyslogd -n

Open up a second terminal (again with root) so we can enable or disable the "debug on demand". Use this command:

kill -USR1 `cat /var/run/rsyslogd.pid`

Using this command once will enable the debug mode. Using it again will disable it. Please note that you definately need "-USR1″ else the rsyslog will be really killed. Further make sure to use the backticks. These are important.

That’s it basically. You can now review your "debug on demand" log files.

3 thoughts on “How to use debug on demand?

  1. Hello, what a nice feature! However, I have two questions:

    1. What’s the minimum version of rsyslogd required to use this? (I’m running 5.6.0 at the moment)
    2. The two exports of the very same RSYSLOG_DEBUG look b0rked. The second export will overwrite the value of the first export, so rsyslogd will never see the value of the first export. Is this a typo?

  2. How I wish decent intermediate background tutorials were available for rsyslogd. Something for configuration to bridge the gap between "make install" and "here’s how to log to sql".

    After ~15 years, linux docs are still being written assuming that one already understands everything but just needs some notes.

    Nothing like 3 days of google and being unable to precisely identify which facility and log-level a message came from, or worse yet, unable to find simple building block examples of "This conf file rule results in the following output lines/actions/etc". I only find snippets of rules all glommed into one to provide grammar examples… but with no "do this–>get this" examples of output for it.

    I suppose I should write something up, since I’m treading that long stone-covered road myself.

Comments are closed.