Installing and configuring Rsyslog
General procedures to install and configure.
Installing from packages
How to install using apt-get, yum, etc.
Installing from sources
How to compile the sources into your system.
Testing configuration blocks
#### MODULES #### # Load (i)nput and (o)utput (m)odules module(load="imuxsock") module(load="imklog") module(load="imudp") module(load="imtcp") module(load="imrelp") module(load="omrelp") module(load="impstats" interval="3600" severity="7" log.syslog="off" log.file="/var/log/rsyslog-stats.log") # Module parameters input(type="imrelp" port="1514" ruleset="remote") input(type="imtcp" port="514" ruleset="remote") input(type="imudp" port="514" ruleset="remote") #### GLOBAL DIRECTIVES #### # Use default timestamp format $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat # Spool files $WorkDirectory /var/spool/rsyslog # Filter duplicate messages $RepeatedMsgReduction on #### RULES #### #...cut out standard log rules for brevity...# ruleset(name="remote"){ action(Name="storage" Type="omrelp" Target="10.1.1.100" Port="514" Action.ExecOnlyWhenPreviousIsSuspended="on" queue.FileName="storage-buffer" queue.SaveOnShutdown="on" queue.Type="LinkedList" Action.ResumeInterval="30" Action.ResumeRetryCount="-1" Timeout="5") action(Name="analysis" Type="omrelp" Target="10.1.1.101" Port="514" Action.ExecOnlyWhenPreviousIsSuspended="on" queue.FileName="analysis-buffer" queue.SaveOnShutdown="on" queue.Type="LinkedList" Action.ResumeInterval="30" Action.ResumeRetryCount="-1" Timeout="5") action(Name="indexer" Type="omfwd" Target="10.1.1.102" Protocol="tcp" Port="514" Action.ExecOnlyWhenPreviousIsSuspended="on" queue.FileName="indexer-buffer" queue.SaveOnShutdown="on" queue.Type="LinkedList" Action.ResumeInterval="30" Action.ResumeRetryCount="-1" Timeout="5") } #### INCLUDES #### # Includes config files (Do these last) $IncludeConfig /etc/rsyslog.d/*.conf
Note
You’ll learn exactly how to load each file/format in the next section.
- dest_dir
Destination directory.
- -m <module>, --module <module>
Run a module as a script.
- nome_envvar
Descrevendo um programa.
- -r
Work recursively.
- -r revision
Specify the revision to work upon.
- PAPER
You can set this variable to select a paper size.
todo:
Este item é do TO DO.
todolist:
none
FIM
See also
Help with configuring/using Rsyslog
:
Mailing list - best route for general questions
GitHub: rsyslog source project - detailed questions, reporting issues that are believed to be bugs with
Rsyslog
See also
Contributing to Rsyslog
:
Source project: rsyslog project README.
Documentation: rsyslog-doc project README
Copyright 2008-2023 Rainer Gerhards (Großrinderfeld), and Others.