Search Results

Avoid overly-large in memory queues

Rsyslog provides the “queue.size” parameter to set a limit on the number of messages a queue can keep in memory. This is primarily meant to support peak traffic. Note that this counter is given in number of messages, not bytes. A frequent mistake is to think in bytes and select very large values (e.g. 7 […]

rsyslog statistic counter Queues

Queue For each queue inside the system its own set of statistics counters is created. If there are multiple action (or main) queues, this can become a rather lengthy list. The stats record begins with the queue name (e.g. “main Q” for the main queue; ruleset queues have the name of the ruleset they are […]

Lower Bound for Queue Sizes

The queue.size parameter permits to specify the maximum queue size in number of messages. While not technically enforced, there is a lower limit on this parameter. Setting it to very low values (roughly below 100 messages) is not supported and can lead to unpredictable results. Also, future version my automatically adjust to a safe lower […]

Encrypted disk queues

This guide will tell you, how to quickly protect your disk queue through encryption. So you can be sure that unauthorized persons can’t read your queue. Please note that we only use the “disk” queue format in this guide to show you the encrypted files but normally we recommend you to use the “LinkedList” queue […]

RSyslog Windows Agent 7.2 Released

Release Date: 2022-01-18 Build-IDs: Service 7.2.0.217, Client 7.2.0.310 Features Syslog Service: Added configurable option to detect Year in RFC3164 Syslog Header. If enabled, the service will try to detect a Year after the usual RFC3164 Date Header. Syslog Service: Added configurable message size limit for syslog tcp messages. The default is 1MB which is far […]

RSyslog Windows Agent 7.0 Released

Release Date: 2021-03-09 Build-IDs: Service 7.0.0.213, Client 7.0.0.297 Features Filter Engine: Add support to filter by IPv6 addresses. Eventlog Monitor V2: Added support to for LogPoint SIEM JSON Format. Eventlog Monitor V2: Added support for the following EventLog properties (if available): Providerguid, processed, threaded, version, opcode, eventtype, nxseverityvalue (required for Severity Mapping in LogPoint SIEM […]

RSyslog Windows Agent 6.2b Released

Release Date: 2020-09-04 Build-IDs: Service 6.2.0.209, Client 6.2.0.284 Bugfixes Start Program Action: Fixed loading the Sync Timeout setting in file configuration mode. Queue Engine: Fix for STATUS_STACK_BUFFER_OVERRUN exception. STATUS_STACK_BUFFER_OVERRUN doesn’t mean that there was a stack buffer overrun. It appears that due recent security updates in windows network code, a new exception type was introduced. […]

RSyslog Windows Agent 6.1 Released

Release Date: 2020-01-31 Build-IDs: Service 6.1.0.205, Client 6.1.0.280 Features Property engine: Added new static property %localhostname% which contains the local computer name. Syslog Action: Fixed Syslog Version in RFC5424 Header to 1. Bugfixes EventLog Monitor V2: Fixed an issue losing the first record LastRecord was resetted. EventLog Monitor V2: Fixed minor issues in new caching […]

Scroll to top