template Archives

LogAnalyzer: Facility and Severity is missing

By adisconteamPosted on June 19, 2015May 30, 2018Posted in FAQTagged default, facility, LogAnalyzer, logfile, logstream, missing, RFC5424, severity, source, tabs, template

Question: I use a logfile of rsyslog as source type in LogAnalyzer, everything is good but the facility and severity information tabs of the messages are missing, like in this screenshot. Answer: The solution is rather simple, your current file template does not contain syslog priority or facility. Kindly switch to RSYSLOG_SyslogProtocol23Format which is RFC5424 […]

rsyslog 8.3.2 (v8-devel) released

By Adiscon SupportPosted on May 2, 2014May 30, 2018Posted in News, Release AnnouncementTagged 8.3.2, bugfix, devel, imrelp, mmexternal, release, rsyslog, template, v8

We have just released 8.3.2 of the v8-devel branch. This is primarily a bug-fixing release, but it also adds the ability to extract parts of a timestamp via the property replacer and adds support for per-listener imrelp rulesets (thanks to bobthesecurityguy for the patch!). ChangeLog: http://www.rsyslog.com/changelog-for-8-3-2-v8-devel/ Download: http://www.rsyslog.com/download-v8-devel/ As always, feedback is appreciated. Best regards, […]

Filter optimization with arrays

By Adiscon SupportPosted on January 10, 2013May 30, 2018Posted in FAQTagged array, dynafile, filter, if then, property, template

If you are using a lot of filters and templates in rsyslog, this can not only be affecting the performance drastically, but it is also a hassle to set up all the different actions and templates. It is always worthy to check, if there isn’t a shortcut somewhere, which might not only save you time […]

rsyslog 6.5.0 (v6-devel) released

By Adiscon SupportPosted on August 28, 2012May 30, 2018Posted in News, Release AnnouncementTagged 6.5.0, bugfix, devel, release, template, templates, v6

This is an important new release of the rsyslog v6 devel branch. This release contains bugfixes, as well as new features. The most important one might be the possibility to use the config format for templates.. Please note that part of the feature set is still experimental and might be unstable. ;) ChangeLog: http://www.rsyslog.com/changelog-for-6-5-0-v6-devel/ Download: […]

Changelog for 6.5.0 (v6-devel)

By Adiscon SupportPosted on August 28, 2012May 30, 2018Posted in ChangelogTagged 6.5.0, bugfix, Changelog, devel, imrelp, rsyslog, template, templates, v6

Version 6.5.0 [devel] 2012-08-28 imrelp now supports non-cancel thread termination (but now requires at least librelp 1.0.1) implemented freeCnf() module interface This was actually not present in older versions, even though some modules already used it. The implementation was now done, and not in 6.3/6.4 because the resulting memory leak was ultra-slim and the new […]

How to bind a template

By adisconteamPosted on March 21, 2012July 6, 2018Posted in FAQTagged bind a template, specify output, template, use a template

This little FAQ describe how to bind a template. First with the new template format “list” and then with the old “legacy” format. First off all you have to define a template for example for specify output. Here is an example template in the list format: template(name=”FileFormat” type=”list”) { property(name=”timestamp” dateFormat=”rfc3339″) constant(value=” “) property(name=”hostname”) constant(value=” […]

Storing and forwarding remote messages

By Adiscon SupportPosted on April 1, 2011May 30, 2018Posted in More complex scenariosTagged Guides for rsyslog, More complex scenarios, rsyslog, ruleset, syslog, TCP, template, UDP

In this scenario, we want to store remote sent messages into a specific local file and forward the received messages to another syslog server. Local messages should still be locally stored. Things to think about How should this work out? Basically, we need a syslog listener for TCP and one for UDP, the local logging […]