rsyslog error 3000
Generic failure
This is a stub entry: If you have questions please post a comment or visit the github issue tracker.
One thought on “rsyslog error 3000”
Leave a Reply
You must be logged in to post a comment.
The rocket-fast system for log processing
I configured rsyslog to send logs to remote ELK server.
Case 1) When I configure rsyslog like below queue is working
root@svlircid# cat /etc/rsyslog.d/10-rsyslog-remote.conf
$WorkDirectory /var/lib/rsyslog # Locatie voor spoolfiles
$ActionQueueFileName svlircid # prefixnaam voor spoolfiles ( wissen )
$ActionQueueMaxDiskSpace 1g # max grote spoolfiles
$ActionQueueSaveOnShutdown on
$ActionQueueType LinkedList # asynchroon
$ActionResumeRetryCount -1 # blijven proberen if server down
$ActionSendStreamDriverAuthMode anon # Geen client-authenticatie
*.* @@testserver:6528
Case 2) When I configure like below i don;t see queue created.
root@svlircib# cat /etc/rsyslog.d/10-rsyslog-remote.conf
$WorkDirectory /var/lib/rsyslog # Locatie voor spoolfiles
$ActionQueueFileName svlircib # prefixnaam voor spoolfiles ( wissen )
$ActionQueueMaxDiskSpace 1g # max grote spoolfiles
$ActionQueueSaveOnShutdown on
$ActionQueueType LinkedList # asynchroon
$ActionResumeRetryCount -1 # blijven proberen if server down
$ActionSendStreamDriverAuthMode anon # Geen client-authenticatie
template(name=\”JournalTemplate\” type=\”string\” string=\”%$!all-json%\\n\” ) #template for messages
action(type=\”omfwd\” protocol=\”tcp\” port=\”6528\” Target=\”testserver\” template=\”JournalTemplate\”)
Please let us know why in the second case queue is created when remote ELK server not reachable.
Regards,
Praveen.