The rocket-fast system for log processing
Written by Jan Gerhards Here are some different guides for people, who never worked with rsyslog. First I’ll explain, how to install rsyslog. Besides, I will explain how to install some packages, which you will need to install rsyslog. There are two important ones and some minor ones. After that, I will show how to […]
We want to describe here, how to install rsyslog from the RPM repository on RHEL/CentOS 5 and 6. Currently, we have RPMs available for the most recent versions of rsyslog. To use the repository, please follow these steps. 1. Obtain the .repo file To be able to use the RPM repository, you need a .repo […]
The relevant syslog RFCs 3164 and 5424 limit the syslog tag to 32 characters max. Messages with larger tag length are malformed and may be discarded by receivers. Anyhow, some folks sometimes need to send tags longer than permitted. To do so, a new template must be created and used when sending. The simplest way […]
We want to use rsyslog in its general purpose. We want to receive syslog. In rsyslog, we have two possibilities to achieve that. Things to think about First of all, we will determine, which way of syslog reception we want to use. We can receive syslog via UDP or TCP. The config statements are each […]
Log files should be processed by rsyslog. Here is some information on how the file monitor works. This will only describe setting up the Text File Input Module. Further configuration like processing rules or output methods will not be described. Things to think about The configuration given here should be placed on top of the […]