The rocket-fast system for log processing
Originally posted on the Sematext blog: Monitoring rsyslog’s Performance with impstats and Elasticsearch If you’re using rsyslog for processing lots of logs (and, as we’ve shown before, rsyslog is good at processing lots of logs), you’re probably interested in monitoring it. To do that, you can use impstats, which comes from input module for process […]
Originally posted on the Sematext blog: Using Elasticsearch Mapping Types to Handle Different JSON Logs By default, Elasticsearch does a good job of figuring the type of data in each field of your logs. But if you like your logs structured like we do, you probably want more control over how they’re indexed: is time_elapsed […]
Original post: Structured Logging with rsyslog and Elasticsearch via @sematext When your applications generate a lot of logs, you’d probably want to make some sense of them through searches and statistics. Here’s when structured logging comes in handy, and I would like to share some thoughts and configuration examples of how you could use a […]
In this scenario we want to receive cee-formatted messages from a different system with rsyslog, store the messages with MongoDB and then display the stored messages with Adiscon LogAnalyzer. This is a very common use-case. Please read through the complete guide before starting. We will split this guide in 3 main parts. These parts can […]
We have just released 7.3.1 of the v7-devel branch. This version increases template processing speed, for the $NOW-family of properties very considerably. It also contains a compatibility change in regard to lumberjack structured logging. ChangeLog: http://www.rsyslog.com/changelog-for-7-3-1-v7-devel/ Download: http://www.rsyslog.com/rsyslog-7-3-1-v7-devel/ As always, feedback is appreciated. Best regards, Florian Riedl
Download file name: rsyslog 7.3.1 (devel) rsyslog 7.3.1 (devel) sha256 hash: f893188c8aa6e9728478e765b2fd4132e11b6d6a7e8e46f87b624cc9aa5ef538 Author: Rainer Gerhards (rgerhards@adiscon.com) Version: 7.3.1 File size: 2.697 MB Download this file now!
Version 7.3.1 [devel] 2012-10-19 optimized template processing performance, especially for $NOW family of properties change lumberjack cookie to “@cee:” from “@cee: ” CEE originally specified the cookie with SP, whereas other lumberjack tools used it without space. In order to keep interop with lumberjack, we now use the cookie without space as well. I hope […]
Version 7.1.11 [beta] 2012-10-16 bugfix: imuxsock truncated head of received message This happened only under some circumstances. Thanks to Marius Tomaschwesky, Florian Piekert and Milan Bartos for their help in solving this issue. bugfix: do not crash if set statement is used with date field Thanks to Miloslav Trmač for the patch. change lumberjack cookie […]
Download file name: rsyslog 6.5.1 (beta) rsyslog 6.5.1 (beta) md5sum: e6f8ef3dc1acdb5b7f64a1046b7e8a8f5a4f39bc1ebd1bf02eb092394a6774b4 Author: Rainer Gerhards (rgerhards@adiscon.com) Version: 6.5.1 File size: 2.55 MB Download this file now!
Version 6.5.1 [BETA] 2012-10-11 added tool “logctl” to handle lumberjack logs in MongoDB imfile ported to new v6 config interface imfile now supports config parameter for maximum number of submits which is a fine-tuning parameter in regard to input baching added pure JSON output plugin parameter passing mode ommongodb now supports templates bugfix: imtcp could […]