Main Advantages of rsyslog v7 vs. v5
Why rsyslog V7:
- greatly improved configuration language – the new language is much more intuitive than the legacy format. It will also prevent some typical mistakes simply by not permitting these invalid constructs. Note that legacy format is still fully supported (and you can of course do the same mistakes if you use legacy format).
- greatly improved execution engine – with nested if/then/else constructs as well as the capability to modify variables during processing.
- full support for structured logging and project lumberjack / CEE – this includes everything from being able to create, interpret and handle JSON-based structured log messages, including the ability to normalize legacy text log messages.
- more plugins – like support for MongoDB, HDFS, and ElasticSearch as well as for the kernel’s new structured logging system.
- higher performance – many optimizations all over the code, like 5 to 10 times faster execution time for script-based filters, enhanced multithreaded TCP input plugin, DNS cache and many more.
Of course, there are many more improvements. This list contains just the most important ones. For full details, check the file ChangeLog.
rsyslog 7.1.9 (v7-beta) released
We have just released 7.1.9 of the v7-beta branch. This is a pure bugfixing release. More information on the changes can be found in the ChangeLog.
ChangeLog:
http://www.rsyslog.com/changelog-for-7-1-9-v7-beta/
Download:
http://www.rsyslog.com/rsyslog-7-1-9-v7-beta/
As always, feedback is appreciated.
Best regards,
Florian Riedl
rsyslog 7.1.9 (v7-beta)
Download file name: rsyslog 7.1.9 (beta)
rsyslog 7.1.9 (beta)
sha256 hash: 07949a02978423196d8229291bca8091c1edbe248ccd8e4b216d4d5ab251a036
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 7.1.9 File size: 2.687 MB
How to use rsyslog and MongoDB
rsyslog is since version 6.1.3 capable of using a output module called “ommongodb” to write log messages to mongodb. To achieve this, several packages are needed:
mongodb mongodb-server php-pecl-mongo libmongo-client libglib2.0-dev
These and of course rsyslog are needed. The packages are easily installed via a package manager. And the installation steps for rsyslog are the usual ones. Except for the “Configure”. Please make sure to include “–enable-ommongodb“. And the other features you plan to use of course.
./configure --libdir=/usr/lib --sbindir=/usr/sbin --enable-ommongodb make make install
After this, you need to make some adjustments to the rsyslog.conf. You need to load the module of course and configure an action:
module (load="ommongodb") *.* action(type="ommongodb" server="127.0.0.1")
In this case we send everything to the local MongoDB server. With the default settings, this should work directly. No username or password is needed if it isn’t configured in MongoDB. And the “db” and “collection” will automatically be created. The default database that rsyslog will use is “syslog” and the default name for the collection is “log“. These can be changed by various parameters.
To review what is written to the database, simply open a command line and enter “mongo“. This is to open the MongoDB Shell. You now need to change the database that is used with
use syslog
That way all further commands will be used on the database that rsyslog uses. Next we let the shell show us the entries:
db.log.find()
Please make sure to use the exact command. Of course there are a lot of other commands that you may find useful. Or information on how to secure the database. Please refer to the MongoDB documentation for that.
rsyslog 7.1.8 (v7-beta) released
The 7.1.x branch is now feature-complete, consequently this is the first beta release. From now on, 7.1.x will mature and only receive patches. New features will be introduced in the (soon to be opened) 7.3.x branch.
ChangeLog:
http://www.rsyslog.com/changelog-for-7-1-8-v7-beta/
Download:
http://www.rsyslog.com/rsyslog-7-1-8-v7-beta/
As always, feedback is appreciated.
Best regards,
Florian Riedl
Changelog for 7.1.8 (v7-beta)
Version 7.1.8 [beta] 2012-10-02
- bugfix: ruleset(){} directive errornously changed default ruleset much like the $ruleset legacy conf statement. This potentially lead to statements being assigned to the wrong ruleset.
- improved module doc
- added “parser” parameter to ruleset(), so that parser chain can be configured
- implemented “continue” RainerScript statement
rsyslog 7.1.7 (v7-devel) released
This release adds the “call” statement, a superior replacement to omruleset. It also provides array-based string comparison operations and the ability to configure TLS permitted peers via the new config language. The 7.1.x branch is now 99% feature-complete.
ChangeLog:
http://www.rsyslog.com/changelog-for-7-1-7-v7-devel/
Download:
http://www.rsyslog.com/rsyslog-7-1-7-v7-devel/
As always, feedback is appreciated.
Best regards,
Florian Riedl
rsyslog 7.1.7 (v7-devel)
Download file name: rsyslog 7.1.7 (devel)
rsyslog 7.1.7 (devel)
sha256 hash: 353d69798bc25b68c3354949204d0cd8ac481fda2aedac98d0a49393ae6310e8
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 7.1.7 File size: 2.615 MB
rsyslog 7.1.6 (v7-devel) released
This version implements the input() and ruleset() statements, which finally permit a config file to be written in new style only. A sample can be found at
http://blog.gerhards.net/2012/09/rsyslogs-new-input-statement-quick-look.html
ChangeLog:
http://www.rsyslog.com/changelog-for-7-1-6-v7-devel/
Download:
http://www.rsyslog.com/rsyslog-7-1-6-v7-devel/
As always, feedback is appreciated.
Best regards,
Florian Riedl
rsyslog 7.1.6 (v7-devel)
Download file name: rsyslog 7.1.6 (devel)
rsyslog 7.1.6 (devel)
sha256 hash: d392c536d97e413e84dce6719351823214daf92bfe3d2665c11b073e81b71264
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 7.1.6 File size: 2.612 MB