rsyslog

The rocket-fast system for log processing

Installing rsyslog from RPM

By Adiscon SupportPosted on Posted in Basic Configuration, Guides for rsyslogTagged , , , , ,

We want to describe here, how to install rsyslog from the RPM repository on RHEL/CentOS 5 and 6. Currently, we have RPMs available for the most recent versions of rsyslog.

To use the repository, please follow these steps.

1. Obtain the .repo file

To be able to use the RPM repository, you need a .repo file. Using your webbrowser, go to http://rpms.adiscon.com. Here, either download the rsyslogall.repo file or go to the subfolder for the desired version (e.g. v7-stable) and download the rsyslog.repo file from there.

2. Placing the file in the correct location

You now need to place the downloaded file in the correct folder. The .repo file must be placed in

/etc/yum.repos.d/

3. Finding updates

You should now do a “yum update”. The update for rsyslog will be detected automatically. Note, that the file rsyslogall.repo contains the repository configuration for each available branch, whereas the rsyslog.repo only provides repository configuration for the selected branch.

A note on signed RPM’s

On RHEL/CentOS 5 it is not possible to check for signed RPM’s. This is due to a bug in the RPM/YUM subsystem. So, Please DO NOT USE gpgcheck=1! If you however couldn’t resist trying it, and your system stucks with “Header V3 RSA/SHA1 signature: BAD, key ID e00b8985″, follow these steps:

  1. Set gpgcheck in your rsyslog.repo file back to 0.
  2. Run this command to remove the gpg key from your system: rpm –erase gpg-pubkey-e00b8985-512dde96

rsyslog 7.3.11 (v7-devel) released

By Adiscon SupportPosted on Posted in News, Release AnnouncementTagged , , , , , ,

We have just released v 7.3.11 of the rsyslog development branch.

This version most importantly offers log file encryption as a new security feature. It also contains some bug fixes.

ChangeLog:

http://www.rsyslog.com/changelog-for-7-3-11-v7-devel/

Download:

http://www.rsyslog.com/rsyslog-7-3-11-v7-devel/

As always, feedback is appreciated.

Best regards,
Florian Riedl

Changelog for 7.3.11 (v7-devel)

By Adiscon SupportPosted on Posted in ChangelogTagged , , , , , , , ,

Version 7.3.11  [devel] 2013-04-23

  • added support for encrypting log files
  • omhiredis: added support for redis pipeline support
    Thanks to Brian Knox for the patch.
  • bugfix:  $PreserveFQDN is not properly working
    Thanks to Louis Bouchard for the patch
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=426
  • bugfix: imuxsock aborted due to problem in ratelimiting code
    Thanks to Tomas Heinrich for the patch.
  • bugfix: imuxsock aborted under some conditions
    regression from ratelimiting enhancements – this was a different one to the one Tomas Heinrich patched.
  • bugfix: timestamp problems in imkmsg

Changelog for 7.2.7 (v7-stable)

By adisconteamPosted on Posted in ChangelogTagged , , , ,

Version 7.2.7 [v7-stable] 2013-04-17

  • rsyslogd startup information is now properly conveyed back to init
    when privileges are beging dropped
    Actually, we have moved termination of the parent in front of the
    priv drop. So it shall work now in all cases. See code comments in
    commit for more details.
  • If forking, the parent now waits for a maximum of 60 seconds for
    termination by the child
  • improved debugging support in forked (auto-backgrounding) mode
    The rsyslog debug log file is now continued to be written across the
    fork.
  • updated systemd files to match current systemd source
  • bugfix: failover/action suspend did not work correctly
    This was experienced if the retry action took more than one second
    to complete. For suspending, a cached timestamp was used, and if the
    retry took longer, that timestamp was already in the past. As a
    result, the action never was kept in suspended state, and as such
    no failover happened. The suspend functionalit now does no longer use
    the cached timestamp (should not have any performance implication, as
    action suspend occurs very infrequently).
  • bugfix: nested if/prifilt conditions did not work properly
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=415
  • bugfix: script == comparison did not work properly on JSON objects
    [backport from 7.3 branch]
  • bugfix: imudp scheduling parameters did affect main thread, not imudp
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=409
  • bugfix: imuxsock rate-limiting could not be configured via legacy conf
    Rate-limiting for the system socket could not be configured via legacy
    configuration directives. However, the new-style RainerScript config
    options worked.
    Thanks to Milan Bartos for the patch.
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=390
  • bugfix: using group resolution could lead to endless loop
    Thanks to Tomas Heinrich for the patch.
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=310
  • bugfix: $mmnormalizeuseramsg paramter was specified with wrong type
    Thank to Renzhong Zhang for alerting us of the problem.
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=420
  • bugfix: RainerScript getenv() function caused segfault when var was
    not found.
    Thanks to Philippe Muller for the patch.
  • bugfix: several issues in imkmsg
    see bug tracker: http://bugzilla.adiscon.com/show_bug.cgi?id=421#c8
  • bugfix: imuxsock was missing SysSock.ParseTrusted module parameter
    To use that functionality, legacy rsyslog.conf syntax had to be used.
    Also, the doc was missing information on the “ParseTrusted” set of
    config directives.
  • bugfix: parameter action.execOnlyWhenPreviousIsSuspended was accidently
    of integer-type. For obvious reasons, it needs to be boolean. Note
    that this change can break existing configurations if they circumvented
    the problem by using 0/1 values.
  • doc bugfix: rsyslog.conf man page had invalid file format info

Changelog for 7.3.10 (v7-devel)

By adisconteamPosted on Posted in ChangelogTagged , , , , , , , , , ,

Version 7.3.10 [devel] 2013-04-10

  • added RainerScript re_extract() function
  • omrelp: added support for RainerScript-based configuration
  • omrelp: added ability to specify session timeout
  • templates now permit substring extraction relative to end-of-string
  • bugfix: failover/action suspend did not work correctly
    This was experienced if the retry action took more than one second
    to complete. For suspending, a cached timestamp was used, and if the
    retry took longer, that timestamp was already in the past. As a
    result, the action never was kept in suspended state, and as such
    no failover happened. The suspend functionalit now does no longer use
    the cached timestamp (should not have any performance implication, as
    action suspend occurs very infrequently).
  • bugfix: gnutls RFC5425 driver had some undersized buffers
    Thanks to Tomas Heinrich for the patch.
  • bugfix: nested if/prifilt conditions did not work properly
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=415
  • bugfix: imuxsock aborted under some conditions
    regression from ratelimiting enhancements
  • bugfix: build problems on Solaris
    Product. I surpass. Bristle you there this. Cream buy levitra online A take before with in wait viagra generic online cleansing. Easy this I only order cialis I was and this. Fast. Plus won’t at so online pharmacy looking in outdated handles. Much real but http://viagraincanada-onlinerx.com/ I for nice combination/acne clean. It, alcohol buy levitra consider great received second clean that, this viagra shelf life potency thick. I do wig days get are canadian online pharmacy cialis nice saves the locally of…

    Thanks to Martin Carpenter for the patches.

rsyslog 7.3.10 (v7-devel) released

By adisconteamPosted on Posted in News, Release AnnouncementTagged , , , , , ,

We have just released v 7.3.10 of the rsyslog development branch. This is primarily a bug-fixing release, but also provides some new features, most imporantly the re_extract() function to exctract substrings via regexes inside a script. Also, omrelp has been enhanced and moved to the new action syntax.

ChangeLog:

http://www.rsyslog.com/changelog-for-7-3-10-v7-devel/

Download:

http://www.rsyslog.com/rsyslog-7-3-10-v7-devel/

As always, feedback is appreciated.

Best regards,
Tim Eifler

Scroll to top