Documentation Improvement and AI

For a long time, I struggled with the daunting task of enhancing the documentation for Rsyslog. My extensive knowledge of Rsyslog technology often made it challenging for me to create user-friendly documentation, especially for individuals with little to no syslog background. Additionally, as a non-native English speaker, I was aware that some of my sentences might be harder to understand than desired. But thanks to the breakthroughs in generative artificial intelligence (AI), the game has changed, and a new era of documentation improvement has begun.

With current state of technology, AI can not auto-generate complete documentations. It needs to form a team with a human instead. (Image: Rainer Gerhards via AI)
Continue reading “Documentation Improvement and AI”

Elevating Syslog Security: RSyslog Introduces DTLS Plugins for UDP

We at the RSyslog project are excited to share our recent advancements in syslog security. We have introduced initial plugins for Datagram Transport Layer Security (DTLS) syslog, namely imdtls (input module) and omdtls (output module). This development, which aligns with RFC 6012, represents a significant enhancement, albeit not a game-changer, in our continuous efforts to improve secure log transmission.

A symbolic graphic depicting syslog traffic.
A symbolic graphic depicting syslog traffic. (Picture: Rainer Gerhards via AI)
Continue reading “Elevating Syslog Security: RSyslog Introduces DTLS Plugins for UDP”

Additional improvements to rsyslog doc and site…

We’re excited to announce significant enhancements to the rsyslog website, designed to make your experience more efficient and enjoyable. Our primary focus has been on the documentation presentation, and we’ve implemented a range of upgrades across the site to reflect this.

rsyslog doc and site improvements continue (symbol picture: Rainer Gerhards via AI)
Continue reading “Additional improvements to rsyslog doc and site…”

Improving the rsyslog documentation…

The current state of rsyslog documentation and its representation on our official website has been a subject of concern within the professional community. We are initiating a comprehensive project aimed at systematically addressing these issues. Over the coming weeks, stakeholders can expect a series of methodical changes, some of which may be significantly transformative.

The rsyslog documentation – an important part of the system. (image: Rainer Gerhards/AI)
Continue reading “Improving the rsyslog documentation…”

RSyslog Windows Agent 7.5 Released

Release Date: 2023-10-18

Build-IDs: Service 7.5.0.225, Client 7.4.0.315

Bugfixes

  • Relp Action: Updated to latest librelp version 1.11.0.
  • File Action: Fixed a race condition in Filename handling that could cause a problem under heavy load and stress conditions.
  • Filter Engine: Fixed incorrect greater / lower filter handling of IP Type Filter.
  • Network Core: Suppressed network error debug output during interrupts if connection is in shutdown state.

You can download Free Trial Version of RSyslog Windows Agent.

RSyslog Windows Agent 7.4 Released

Release Date: 2023-06-21

Build-IDs: Service 7.4.0.223, Client 7.4.0.315

Bugfixes

  • Syslog Action: Fixed a very rare case where an Action could try to open **TCP connections** to the same target **multiple times simultaneously**. The handling has been hardened to avoid concurrent connection establishment retries for the same Action.
  • Syslog Action: Fixed error handling when **the** connection fails and Syslog Caching is enabled. If a syslog backup server is enabled, the action will now retry the primary server correctly again after syslog caching has been activated.
  • EventLog Monitor V2: Fixed an issue in XML-Stream Processing that could cause failure in processing an EventLog Message.
  • LogRotate: Corrected error reporting when the feature is not available **due to** licensing.
  • Network Core: **Enhanced stability** during closing connections.

You can download Free Trial Version of RSyslog Windows Agent.

AWS rsyslog – Applying Configuration Changes

Once you’ve updated the configuration of the AWS rsyslog application, it’s important to manually apply the new settings as rsyslog doesn’t do this automatically. This is to prevent partial changes from being loaded and potentially causing issues.

The AWS rsyslog AWS application provides a dedicated tool, rsyslogctl, which can be used to check and reload the configuration. During the reload process, rsyslogctl determines the most efficient way to apply the changes. For example, some changes like drop rules can be applied without interrupting message processing, while others require a full restart, causing a brief interruption.

Continue reading “AWS rsyslog – Applying Configuration Changes”

rsyslog on AWS – S3 file structure

The EBS disk included in the product is only used for day-to-day storage of logs. Persistent log storage is kept on an S3 store. This store also contains some other data items which should persist over upgrades of the rsyslog on AWS application.

The following prefixes/folders are used by rsyslog:

  • /rsyslog.logstore/ – the actual logstore
    This is synced with data from the local EBS disk once a day for the past day (in default settings).
  • /rsyslog.config/ – config data items.
    This contains the user-based config which can be restored from here during an upgrade or on misconfiguration.

The users should select proper S3 policies based on her or his needs. Most importantly, Versioning and Retention Period should be set accordingly.

The S3 store to use can be configured during the cloud formation process and manually via the meta config.

Back to aws rsyslog overview.

New Version Release of libfastjson: Enhanced Optimization for liblognorm – Version 1.2304.0

We are excited to announce the latest version of libfastjson, version 1.2304.0, offering enhanced optimizations specifically tailored for liblognorm processing. This update brings not only a change in the release numbering to align with rsyslog standards but also includes a crucial security fix.

Highlights of the Release:

  • Updated Release Numbering Scheme: Adopting a release numbering scheme similar to rsyslog, we aim for greater consistency and clarity across our projects.
  • Security Enhancement: The release addresses CVE-2020-12762. We acknowledge and thank Wang Haitao for the valuable patch. It’s noteworthy that this CVE had no impact on rsyslog usage due to inherent size limits.

Changelog for Version 1.2304.0 (2023-04-18):

  1. Transition to a release numbering scheme mirroring that of rsyslog.
  2. Patch for CVE-2020-12762, reinforcing the security of the library.

Download the Latest Version:

The new version of libfastjson can be downloaded from: libfastjson 1.2304.0 Download

Checksum (sha256sum): ef30d1e57a18ec770f90056aaac77300270c6203bbe476f4181cc83a2d5dc80c

rsyslog on AWS – an Overview

Our team at Adiscon offers a comprehensive paid full-service rsyslog product, available on the AWS Marketplace. As the same team that develops and supports the rsyslog open source project, we’re dedicated to providing exceptional service and ongoing innovation.

By purchasing our AWS Marketplace product, you’re also supporting the continued development of rsyslog. This ensures that the open source project remains robust, reliable, and up-to-date.

Our full-service rsyslog offering is designed specifically for organizations seeking a seamless and hassle-free way to collect syslog data on the cloud. We provide ongoing support and maintenance, along with regular updates to ensure the highest level of performance and security.

In summary, our AWS Marketplace product is the perfect solution for organizations that value simplicity, efficiency, and reliability when it comes to collecting syslog data in the cloud.

The AWS product ist currently in limited beta phase. If you are interesting in joining the beta, please email support@adiscon.com.

Some Documentation is already available (and being improved during the beta phase). Please follow these links:

Scroll to top