Some core recipies

Writing specific messages to a file and discarding them

Messages with the text “error” inside the text part of the message shall be written to a specific file. They shall not be written to any other file or be processed in any other way. Things to think about The configuration given here should be placed on top of the rsyslog.conf file. Config Statements :msg, […]

Sending Messages to a Remote Syslog Server

In this recipe, we forward messages from one system to another one. Typical use cases are: the local system does not store any messages (e.g. has not sufficient space to do so) there is a (e.g. legal) requirement to consolidate all logs on a single system the server may run some advanced alerting rules, and […]

Receiving Messages from a Remote System

This is a log-consolidation scenario. There exist at least two systems, a server and at least one client. The server is meant to gather log data from all the clients. Clients may (or may not) process and store messages locally. If they do doesn’t matter here. See recipe Sending Messages to a Remote Syslog Server […]

Using a different log Format for all Files

Rsyslog comes with a limited set of log file formats. These resemble the default format that people (and log analyzers) usually expect. However, for some reason or another, it may be required to change the log format. In this recipe, we define a new format and use it as the default format for all log […]

Discarding unwanted messages

Often, there are some messages that you know you will never store in any log file. Even worse, these messages are sometimes very frequently emitted. There are various ways to get rid of those unwanted messages. First of all, you need to identify them. Then look carfully and see what is special with these messages. […]

Scroll to top