rsyslog

invalid number (format?)

A configuration statement expected an integer number as its argument. However, the number was not well-formed. The configuration statement in question was ignored.

Note that only digits are permitted inside number. For example “1,000” needs to be written as “1000” (this may change in future releases).

Some value is invalid (e.g. user-supplied data).

A required template option is missing.

Some output plugins require specific template options. The template bound the the action is question does not contain this option and thus is rejected.

The most prominent example of required template options is the “SQL” set of options that many database output plugins require. This is done because if neither of these options is present, a sql injection (security issue) would happen. As such, most database plugins require one of these options (note that it is possible to write database plugins that work without this option in a secure way, it is depending on the approach taken by the plugin developer).

This is a stub entry: If you have questions please post a comment or visit the github issue tracker.

Action has disabled itself.

This is a follow-up error. Additional error messages should appear in front of this message.

What it means is that an action had a failure that caused it to disable itself. If an action is disabled, it will no longer be executed. This event will most probably happen when the configuration file is being processed, right before actual message processing begins. However, the 2006 status code may be issued at any time.

When and why it is issued is purely up to the output plugin in question. In general, an action should disable itself only if there is no chance (not even a remote one) that action processing can correctly continue. For example, omsnmp disables itself if it can not initialize the net-snmp library, in which case no further processing is possible.

A disable action will remain disabled until either rsyslogd is restarted or (for older releases) a restart-type HUP is issued (which mimics a restart and thus is the same thing).

This is a stub entry: If you have questions please post a comment or visit the github issue tracker.

Do not create an entry for (whatever) – not necessary an error.

Can happen if an ACL is to be added for tcp and udp syslog, a DNS name is used but the DNS name is non-resolvable or does not resolve into usable entries. It is best to double-check the permitted peers definitions for typos.

This is a stub entry: If you have questions please post a comment or visit the github issue tracker.

To indicate a false state (can be used as FALSE, legacy).

We had an error loading the object/interface and can not continue.

This is a stub entry: If you have questions please post a comment or visit the github issue tracker.

Invalid parameter in call to function.

This is a stub entry: If you have questions please post a comment or visit the github issue tracker.

Module can not run

This is a follow-up problem, issued by input modules. Usually, there should be some more error messages in front of this message.

The module did load, but can not be executed. One example is that some required parameters may be missing.

What does it mean?

This is a generic error message that unfortunately can happen in a number of cases.

In practice, it is often associated with suspension of actions. Then it comes with a text like

action “action 17” suspended

The number behind action changes.

How to solve it?

A frequent case for this error message on Debian-based distributions (like raspbian) is that rsyslog.conf contains the instruction to write to the xconsole pipe, but this pipe is never read. If so, you can simply delete these lines to remove the error message. These lines are usually found at the end of rsyslog.conf.

For other error message, it probably is a good idea to check rsyslog’s issue tracker at github and file a new issue if you can’t find a related case.

Note: we try to keep this page update if we see other frequent causes of this error.