Getting Started with rsyslog

rsyslog is a modern, high-performance logging service and the default system logger on many Linux distributions. It extends traditional syslog with advanced features like structured logging, reliable TCP/TLS delivery, and integration with modern pipelines (e.g., Elasticsearch, Kafka, or cloud services).

This guide helps you get up and running quickly. It includes:

• Installing rsyslog
• Basic Configuration
• Understanding the Default Configuration
• Forwarding Logs
• Next Steps

---

Quick Start (for experienced users):

sudo apt install rsyslog
sudo systemctl enable --now rsyslog

The following pages explain these steps in more detail.

---

Support: rsyslog Assistant | GitHub Discussions | GitHub Issues: rsyslog source project

Contributing: Source & docs: rsyslog source project

© 2008–2025 Rainer Gerhards and others. Licensed under the Apache License 2.0.