syslog

RSyslog Windows Agent and CEE

The RSyslog Windows Agent supports the new CEE enhanced format out of the box. It is designed to work flawlessly with all components from the Adiscon product lines and with other products that support the CEE enhanced format. It is also one of the first products to support Project Lumberjack. If you do not […]

Using TLS for receiving log messages

In this guide, we describe how to use the RSyslog Windows Agent with TLS-encrypted syslog. This part covers the setup steps for receiving syslog from a Linux rsyslog installation. As a preliminary, you should first read the guide from the rsyslog documentation for “Encrypting Syslog Traffic with TLS (SSL)”. It […]

Sending messages with tags larger than 32 characters

The relevant syslog RFCs 3164 and 5424 limit the syslog tag to 32 characters max. Messages with longer tags are malformed and may be discarded by receivers. Nevertheless, some users need to send tags longer than permitted. To do so, a new template must be created and used when sending. The simplest way […]

Changelog for 4.6.8 (v4-stable)

Version 4.6.8 [v4-stable] (rgerhards), 2011-09-01
- bugfix/security: off-by-two bug in legacy syslog parser, CVE-2011-3200
- bugfix: potential misaddressing in property replacer
- bugfix: memcpy overflow can occur in allowed sender checking if a name is resolved to IPv4-mapped-on-IPv6 address
  Found by Ismail Dönmez at suse
- bugfix: The NUL-Byte for the syslogtag was not copied in MsgDup (msg.c)

Using a strgen module to write into a database

In many cases, log messages have to be transformed. This can be done in various ways, with the property replacer for example. But processing messages this way can be rather slow, since the transformation part is not native code. In this case, strgen (string generator) is the way to go. A string generator is a […]

Storing and forwarding remote messages

In this scenario, we want to store remotely sent messages in a specific local file and forward the received messages to another syslog server. Local messages should still be stored locally. Things to think about: How should this work out? Basically, we need a syslog listener for TCP and one for UDP, the local logging […]
