rsyslog 8.2606.0: stream compression, Elastic Beats input, and ongoing defensive hardening
We have released rsyslog 8.2606.0, the June 2026 scheduled-stable version. Scheduled-stable releases are bi-monthly snapshots of the daily-stable branch, providing predictable update points with the same functional content as daily-stable at the time of the snapshot.
The main theme of this release is operational robustness under pressure: reducing forwarding bandwidth with experimental stream compression, adding Elastic Beats input support for selected pipeline use cases, and continuing the defensive hardening work across the code base.
The three changes that deserve the most attention are:
- Experimental TCP stream compression for
omfwdtoimtcp - New Elastic Beats / Lumberjack input module via
imbeats - Continued defensive hardening and reliability work
Rsyslog Windows Agent 8.3 Released
We have just released Rsyslog Windows Agent 8.3, bringing enhanced interoperability, modern configuration options, and deep operational visibility to our professional Windows-to-Linux logging bridge.
A major highlight of this release is the introduction of YAML configuration support. By adding file-based YAML support for service configuration files, rsyslog Windows Agent now allows administrators to utilize human-readable, industry-standard formatting for their configuration logic. This facilitates easier integration with DevOps toolchains and simplifies the management of complex forwarding rules across diverse Windows environments.
Operational transparency has also been significantly improved with the addition of Runtime Metrics. Administrators can now enable a dedicated HTTPS query endpoint to access real-time service metrics. This feature allows for the direct monitoring of event throughput and service health, making it simple to pull performance data into centralized monitoring systems.
Furthermore, rsyslog Windows Agent 8.3 is ready for the next generation of infrastructure with enhanced Windows Server 2025 support, including improved message fallback and custom-channel cleanup within the Event Monitor service.
Continue reading “Rsyslog Windows Agent 8.3 Released”rsyslog 8.2604.0: YAML configuration, Azure Monitor output, and stronger hardening
We have released rsyslog 8.2604.0, the April 2026 scheduled-stable version. Scheduled-stable releases are bi-monthly snapshots of the daily-stable branch, providing predictable update points with the same functional content as daily-stable at the time of the snapshot.
This release makes rsyslog easier to configure, easier to integrate with modern observability platforms, and more robust under failure conditions.
Four major highlights:
- YAML as an alternative configuration format
- Azure Monitor and HTTP ecosystem integration
- Reliability and security hardening
- Packaging, CI, and portability improvements
rsyslog gains native Azure Monitor Logs Ingestion support
Cloud logging environments are rarely simple. Many organizations run mixed estates where on-prem systems, private infrastructure, and cloud services all need to feed into a central observability workflow. That is exactly where rsyslog is supposed to help: reliable, flexible log transport and processing without forcing a one-size-fits-all architecture.
We have now taken another step in that direction.
With the merge of PR #6615 on March 18, 2026, rsyslog now includes a new output module, omazuredce, for sending events directly to Azure Monitor Logs Ingestion. The merged change includes the module itself, documentation, configuration parameters, build integration, and tests.
Docs moved to new Domain
We have today moved the rsyslog official documentation to https://docs.rsyslog.com/doc instead of our long-standing location directly on www.rsyslog.com/doc. All existing links will be properly redirected. The goal is to keep the all-important doc set on its own resource, which helps with scaling and ensuring availability of the documentation.
This move was considered for quite a while and has its pros and cons. The ultimate reason we are doing it, and doing it now is a cyberattack against rsyslog.com which began four days ago. While we mitigated it quickly, it led to unavailability of the doc for around one hour. That made us finally make the decision to move doc to a dedicated system, which we can make more robust than the full featured site with it’s dynamic content.
Continue reading “Docs moved to new Domain”rsyslog 8.2602.0: ROSI Collector, rate-limit policies, stronger TLS, and telemetry integration
We have released rsyslog 8.2602.0, the February 2026 scheduled-stable version. Scheduled-stable releases are bi-monthly snapshots of the daily-stable branch, providing predictable update points with the same functional content as daily-stable at the time of the snapshot.
This release introduces a new production-ready deployment stack and continues significant runtime and security hardening.
Four major highlights:
- ROSI Collector: centralized log collection stack
- Named rate limit policies for imtcp and imptcp
- Security and TLS hardening
- Telemetry and ecosystem integration
The rsyslog 2025 Year in Review
Evolving Proven Infrastructure for a New Era
The year 2025 was a defining year for rsyslog. Not because of a single feature or release, but because several long-running threads finally converged: AI-assisted workflows, even fuller multi-core scalability, and native integration with modern observability stacks.
Rather than chasing trends, rsyslog focused on evolving what it already does best: reliable, high-performance log and data processing for real-world infrastructure.
At the same time, the project continued a shift that has been underway for years. For quite some time now, rsyslog has been more than a syslog daemon. It is increasingly used as a flexible, programmable data and information pipeline that happens to excel at logs.
Continue reading “The rsyslog 2025 Year in Review”Season’s Greetings from the rsyslog Project
As the year comes to a close, we would like to send our warm thanks to everyone who makes the rsyslog project what it is.
To our users, contributors, and community members around the world: thank you for your trust, feedback, bug reports, patches, documentation work, and thoughtful discussions throughout the year. Open source only works because of people who care, and rsyslog is no exception.
Continue reading “Season’s Greetings from the rsyslog Project”rsyslog 8.2512.0: network namespaces, omhttp enhancements and much more
We have released rsyslog 8.2512.0, the December scheduled-stable version. Scheduled-stable releases are bi-monthly snapshots of the daily-stable branch, providing predictable update points with the same functional content as daily-stable at the time of the snapshot.
This release contains three major highlights:
- Completion of the foundational Network Namespace implementation, developed by Billie Alsup.
- A major omhttp refactoring and feature upgrade, contributed by Adrien GANDARIAS, with substantial integration work on the PR.
- The newest contribution: significant mmsnareparse enhancements by André Lorbach (Adiscon), expanding and refining modern SNARE and Windows event parsing capabilities.
Documentation improvements continue across the tree. As always, rsyslog.com/doc documents the current codebase.
Continue reading “rsyslog 8.2512.0: network namespaces, omhttp enhancements and much more”rsyslog AI Assistant Update
We’ve applied a small knowledge base correction to the rsyslog AI Assistant (ChatGPT and DigitalOcean Gradient versions), both available at rsyslog.ai.
While minor, this update improves answer accuracy and consistency for configuration and troubleshooting topics.
