rsyslog 6.3.8 (v6-devel) released
This is an important new release of the rsyslog v6 devel branch. Among others, it is the version that supports many of the new things done for project lumberjack, better cee-enhanced syslog support as well as a much-improved mongodb driver. The release also contains numerous other enhancements as well as bug-fixes. Please note that part of the feature set is still experimental and unstable in a sense that interfaces or similar thing “taken for granted” (e.g. the default MongoDB schema) may change in later releases.
As a preliminary measure, please make sure you are using the most current versions of libee (0.4.1), libestr (0.1.2) and liblognorm (0.3.4).
ChangeLog:
http://www.rsyslog.com/changelog-for-6-3-8-v6-devel/
Download:
http://www.rsyslog.com/rsyslog-6-3-8-v6-devel/
As always, feedback is appreciated.
Best regards,
Florian Riedl
rsyslog 6.3.8 (v6-devel)
Download file name: rsyslog 6.3.8 (devel)
rsyslog 6.3.8 (devel)
md5sum: c4a38c6af19a8a902a2fc2806cf296e2
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 6.3.8 File size: 2.518 MB
Changelog for 6.3.8 (v6-devel)
Version 6.3.8 [DEVEL] 2012-04-16
- added $PStatJSON directive to permit stats records in JSON format
- added “date-unixtimestamp” property replacer option to format as a unix timestamp (seconds since epoch)
- added “json” property replacer option to support JSON encoding on a per-property basis
- added omhiredis (contributed module)
- added mmjsonparse to support recognizing and parsing JSON enhanced syslog messages
- upgraded more plugins to support the new v6 config format:
– ommysql
– omlibdbi
– omsnmp - added configuration directives to customize queue light delay marks $MainMsgQueueLightDelayMark, $ActionQueueLightDelayMark; both specify number of messages starting at which a delay happens.
- added message property parsesuccess to indicate if the last run higher-level parser could successfully parse the message or not (see property replacer html doc for details)
- bugfix: abort during startup when rsyslog.conf v6+ format was used in a certain way
- bugfix: property $!all-json made rsyslog abort if no normalized data was available
- bugfix: memory leak in array passing output module mode
- added configuration directives to customize queue light delay marks permit size modifiers (k,m,g,…) in integer config parameters
Thanks to Jo Rhett for the suggestion. - bugfix: hostname was not requeried on HUP
Thanks to Per Jessen for reporting this bug and Marius Tomaschewski for his help in testing the fix. - bugfix: imklog invalidly computed facility and severity
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=313 - added configuration directive to disable octet-counted framing for imtcp, directive is $InputTCPServerSupportOctetCountedFraming for imptcp, directive is $InputPTCPServerSupportOctetCountedFraming
- added capability to use a local interface IP address as fromhost-ip for locally originating messages. New directive $LocalHostIPIF
rsyslog 5.9.6 (v5-beta) released
This is the first beta version of the 5.9 rsyslog branch. It primarily contains bug fixes and some enhancements over 5.9.5. Most important ones are support for inotify in imfile as well as additional statistics counters. Note that 5.9.5 was made available in January 2012 and did not receive many bug reports. So we plan to put 5.9.6 on an expedited beta track, which hopefully will lead soon to a new v5-stable. As such, testing and feedback is most appreciated.
ChangeLog:
http://www.rsyslog.com/changelog-for-5-9-6-v5-beta/
Download:
http://www.rsyslog.com/rsyslog-5-9-6-beta/
As always, feedback is appreciated.
Best regards,
Florian Riedl
rsyslog 5.9.6 (beta)
Download file name: rsyslog 5.9.6 (beta)
rsyslog 5.9.6 (beta)
md5sum: 9a42c5ecb0338564011713cbc42c0faf
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 5.9.6 File size: 2.395 MB
Changelog for 5.9.6 (v5-beta)
Version 5.9.6 [V5-BETA], 2012-04-12
- added configuration directives to customize queue light delay marks
- permit size modifiers (k,m,g,…) in integer config parameters
Thanks to Jo Rhett for the suggestion. - bugfix: hostname was not requeried on HUP
Thanks to Per Jessen for reporting this bug and Marius Tomaschewski for his help in testing the fix. - bugfix: imklog invalidly computed facility and severity
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=313 - added configuration directive to disable octet-counted framing for imtcp, directive is $InputTCPServerSupportOctetCountedFraming for imptcp, directive is $InputPTCPServerSupportOctetCountedFraming
- added capability to use a local interface IP address as fromhost-ip for locally originating messages. New directive $LocalHostIPIF
rsyslog 5.8.10 (v5-stable) released
This is primarily a bugfixing release. There were some segfaults in conjunction with $ActionQueueFileName and when the disk-queue was started with a old queue file. Our thanks go to Tomas Heinrich for the Patches. In addition there was a memory leak that has also been fixed.
ChangeLog:
http://www.rsyslog.com/changelog-for-5-8-10-v5-stable/
Download:
http://www.rsyslog.com/rsyslog-5-8-10-v5-stable/
As always, feedback is appreciated.
Best regards,
Florian Riedl
Changelog for 5.8.10 (v5-stable)
Version 5.8.10 [V5-stable] 2012-04-05
- bugfix: segfault on startup if $actionqueuefilename was missing for disk queue config
Thanks to Tomas Heinrich for the patch. - bugfix: segfault if disk-queue was started up with old queue file
Thanks to Tomas Heinrich for the patch. - bugfix: memory leak in array passing output module mode
rsyslog 5.8.10 (v5-stable)
Download file name: rsyslog 5.8.10 (stable)
rsyslog 5.8.10 (stable)
md5sum: 485303281a71db1c8bf25234797ea171
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 5.8.10 File size: 2.391 MB
How to bind a template
This little FAQ describe how to bind a template.
First with the new template format “list” and then with the old “legacy” format.
First off all you have to define a template for example for specify output.
Here is an example template in the list format:
template(name=”FileFormat” type=”list”) {
property(name=”timestamp” dateFormat=”rfc3339″)
constant(value=” “)
property(name=”hostname”)
constant(value=” “)
property(name=”syslogtag”)
constant(value=” “)
property(name=”msg” spifno1stsp=”on” )
property(name=”msg” droplastlf=”on” )
constant(value=”\n”)
}
Then you have to bind the template to an action. You do this via the “template” parameter.
action(… template=”name-of-template”)
Here is an example action with a example-template:
*.* action(type=”omfile” file=”/var/log/all-messages.log” template=”Name-of-your-template”)
In the configuration it should looks like this:
template(name=”FileFormat” type=”list”) {
property(name=”timestamp” dateFormat=”rfc3339″)
constant(value=” “)
property(name=”hostname”)
constant(value=” “)
property(name=”syslogtag”)
constant(value=” “)
property(name=”msg” spifno1stsp=”on” )
property(name=”msg” droplastlf=”on” )
constant(value=”\n”)
}
action(type=”omfile” file=”/var/log/all-msgs.log” template=”FileFormat”)
Here is an example for obsolete legacy format
Here is an example template in the legacy format:
$template ExampleFormat,”%timereported:::date-rfc3339% %HOSTNAME% %msg%”
Here is an example action with a example-template:
*.* /var/log/all-messages.log;Your-Template-Name
In the Configuration it looks like this:
$template ExampleFormat,”%timereported:::date-rfc3339% %HOSTNAME% %msg%”
*.* /var/log/all-messages.log;ExampleFormat
Note that it is advised NOT to use obsolete legacy format for anything complex. Assigning templates is at the border of being not recommended.