Storing and forwarding remote messages

In this scenario, we want to store remote sent messages into a specific local file and forward the received messages to another syslog server. Local messages should still be locally stored. Things to think about How should this work out? Basically, we need a syslog listener for TCP and one for UDP, the local logging […]

Using the Text File Input Module

Log files should be processed by rsyslog. Here is some information on how the file monitor works. This will only describe setting up the Text File Input Module. Further configuration like processing rules or output methods will not be described. Things to think about The configuration given here should be placed on top of the […]

How to write to a local socket?

One member of the rsyslog comunity wrote: I’d like to forward via a local UNIX domain socket, instead. I think  I understand how to configure the ‘imuxsock’ module so my unprivileged instance reads from a non-standard socket location. But I can’t figure out how to tell my root instance to forward via a local domain […]

Writing specific messages to a file and discarding them

Messages with the text “error” inside the text part of the message shall be written to a specific file. They shall not be written to any other file or be processed in any other way. Things to think about The configuration given here should be placed on top of the rsyslog.conf file. Config Statements :msg, […]

Sending Messages to a Remote Syslog Server

In this recipe, we forward messages from one system to another one. Typical use cases are: the local system does not store any messages (e.g. has not sufficient space to do so) there is a (e.g. legal) requirement to consolidate all logs on a single system the server may run some advanced alerting rules, and […]

Receiving Messages from a Remote System

This is a log-consolidation scenario. There exist at least two systems, a server and at least one client. The server is meant to gather log data from all the clients. Clients may (or may not) process and store messages locally. If they do doesn’t matter here. See recipe Sending Messages to a Remote Syslog Server […]

Using a different log Format for all Files

Rsyslog comes with a limited set of log file formats. These resemble the default format that people (and log analyzers) usually expect. However, for some reason or another, it may be required to change the log format. In this recipe, we define a new format and use it as the default format for all log […]

Discarding unwanted messages

Often, there are some messages that you know you will never store in any log file. Even worse, these messages are sometimes very frequently emitted. There are various ways to get rid of those unwanted messages. First of all, you need to identify them. Then look carfully and see what is special with these messages. […]

Storing Messages from a Remote System into a specific File

This is a log-consolidation scenario. There exist at least two systems, a server and at least one client. The server is meant to gather log data from all the clients. Clients may (or may not) process and store messages locally. If they do, doesn’t matter here. See recipe Sending Messages to a Remote Syslog Server […]

Scroll to top