rsyslog

High-performance log ingestion and ETL engine

rsyslog

High-performance log ingestion and ETL engine

rsyslog 7.1.6 (v7-devel) released

Adiscon SupportNews, Release Announcement, , , , ,

This version implements the input() and ruleset() statements, which finally permit a config file to be written in new style only. A sample can be found at

http://blog.gerhards.net/2012/09/rsyslogs-new-input-statement-quick-look.html

 

ChangeLog:

http://www.rsyslog.com/changelog-for-7-1-6-v7-devel/

Download:

http://www.rsyslog.com/rsyslog-7-1-6-v7-devel/

As always, feedback is appreciated.

Best regards,
Florian Riedl

Changelog for 7.1.5 (v7-devel)

adisconteamChangelog, , , , , , ,

Version 7.1.5 [devel] 2012-09-26

  • implemented RainerScript prifield() function
  • implemented RainerScript field() function
  • added new module imkmsg to process structured kernel log
    Thanks to Milan Bartos for contributing this module
  • implemented basic RainerScript optimizer, which will speed up script
    operations
  • bugfix: invalid free if function re_match() was incorrectly used
    if the config file parser detected that param 2 was not constant, some
    data fields were not initialized. The destructor did not care about that.
    This bug happened only if rsyslog startup was unclean.

rsyslog 7.1.5 (v7-devel) released

adisconteamNews, Release Announcement, , , , , , ,

The script engine has been enhanced with new functions and even better performance. There is also a new plugin (imkmsg), which offers support for structured kernel logs. Special thanks to Milan Bartos, who contributed this module. The 7.1.5 version completes the core of enhancements to support lumberjack structured logging (but of course there will be more enhancements in the future).
RPM files for 7.1.5 can be found at http://www.rsyslog.com/rhelcentos-rpms/

ChangeLog:

http://www.rsyslog.com/changelog-for-7-1-5-v7-devel/

Download:

http://www.rsyslog.com/rsyslog-7-1-5-v7-devel/

As always, feedback is appreciated.

Best regards,
Tim Eifler

Rsyslog Windows Agent 1.1b Released

Adiscon SupportNews, Release Announcement, , ,

Adiscon is proud to announce the 1.1b release of RSyslog Windows Agent. This is a minor release.

This release contains a bugfix for the Filterengine.

Build-IDs: Service 1.1.108, Client 1.1.119

Bugfixes

  • Fixed/Readded support for the “-r -o” command line switch. This command switch enables you to run the service in console mode for a single run only. This currently only works with one v1 Eventlog Monitor configured. In this case the service will process all Events, and quits the process afterwards.

Version 1.1 is a free download. Customers with existing 1.x keys can contact our Sales department for upgrade prices. If you have a valid Upgrade Insurance ID, you can request a free new key by sending your Upgrade Insurance ID to sales@adiscon.com. Please note that the download enables the free 30-day trial version if used without a key – so you can right now go ahead and evaluate it.

How to use authpriv on Solaris

Adiscon SupportFAQ, ,

Usually you can filter for a facility by a facility name. In the case of authpriv which I want to describe now, this is fairly easy:

authpriv.*     /var/log/authprivlog

That will work just fine with rsyslog on any common Linux system.

But, when using Solaris, some things work similar and some work different. In the case of authpriv the name will not work. Thus you have to use a different way to filter for authpriv. Whilst the name will not work, the facility number works. So a possible filter looks like that:

if $syslogfacility == 10 then /var/log/authprivlog

Valid values would be 4 or 10 as described in RFC5424.

Scroll to top