Questions tagged [rsyslog]

Rsyslog is an enhanced syslogd with a lot of enhanced features

Rsyslog is an enhanced syslogd that supports, among other things, MySQL, PostgreSQL, and failover log destinations. Features such as encryption, failover destinations, and precise timestamps make it an ideal candidate for enterprise log management. It is available in two flavors: with support and as a community edition.

729 questions
38
votes
3 answers

Multiline log records in syslog

So I've configured my Python application to log to syslog with Python's SysLogHandler, and everything works fine. Except for multi-line handling. Not that I need to emit multiline log records so badly (I do a little), but I need to be able to read…
Shay Rojansky
23
votes
2 answers

Confused with syslog message format

I am a bit confused about syslog message format. I have to write a program that parses syslog messages. When I read what I get in my syslog-ng instance I get messages like this: Jan 12 06:30:00 1.2.3.4 apache_server: 1.2.3.4 - -…
qwix
17
votes
1 answer

rsyslogd and characters #012 and #015

I use rsyslogd version 5.8. The characters \n and \r are dumped as #012 and #015 in the log file. Example (by entering command: printf "example-test[\r]" | logger) : <13> 2014-07-07T11:01:03.254 root: example-test[#015] I would rather like to dump…
user803422
13
votes
1 answer

How can I log from Python to syslog with either SysLogHandler or syslog on Mac OS X *and* Debian (7)

I've followed several answers here on SO to no avail. I'm developing on a Macbook (Yosemite), but our test/production boxes are Debian 7 (using rsyslog). I'm trying to log out to syslog in a way that will work both locally and not. I tried the…
Wayne Werner
12
votes
2 answers

Filebeat vs Rsyslog for forwarding logs

I am currently using filebeat to forward logs to logstash and then to elasticsearch. Now, I am thinking about forwarding logs by rsyslog to logstash. The benefit of this would be that I would not need to install and configure filebeat on every…
Luv33preet
12
votes
4 answers

Logstash vs Rsyslog for log file aggregation

I am working on a solution for centralized log file aggregation from our CentOS 6.x servers. After installing Elasticsearch/Logstash/Kibana (ELK) stack I came across an Rsyslog omelasticsearch plugin which can send messages from Rsyslog to…
alecswan
12
votes
1 answer

Centralized rsyslog : max size of message

I configured a centralized syslog on Ubuntu 12.04. I set the max message size on both servers: $MaxMessageSize 20k. I have 2 different behaviors: client: messages are logged completely; server: messages are truncated at 2k. I can find configuration…
fauguste
12
votes
2 answers

Writing log data to syslog using log4j

I'm unable to write log messages into syslog. Any help would be great. Here is my simple log4j program import org.apache.log4j.Logger; import java.io.*; import java.sql.SQLException; import java.util.*; public class log4jExample { /* Get actual…
Sandeep Rao
12
votes
2 answers

How to configure syslog so that an applications log goes to a specific file

I have an application myapp which should send log files only to /var/log/myapp.log. myapp is written in C++. The following sample code sends the logs to /var/log/syslog only. My OS is Linux - Ubuntu 12.04 - to be specific. I also found that my…
suresh
11
votes
1 answer

How to make systemd kill or stop respawning the rsyslog daemon

It is great that systemd can keep rsyslog daemon alive even when it dies. But I am crafting a new rsyslog configuration file and need to start this rsyslog daemon in debug mode. Before I debug rsyslogd, I need to stop the production rsyslog daemon,…
John Greene
11
votes
1 answer

Config rsyslog with rails elastic beanstalk

I configured remote logging for a Rails application with Elastic Beanstalk. I want to get logs from /var/log/puma/puma.log but only get some kernel and system information. This is my config .ebextensions/papertrail.config packages: yum: rsyslog: [] …
1Rhino
11
votes
2 answers

How can I find messages in Graylog based on level (syslog severity/priority)

I'm storing data from Drupal into syslog into Graylog. I'd like to find all messages based on their severity (what Graylog seems to call level). Here's a screenshot of some messages showing the "Level" field. These all happen to be Notices, but the…
greggles
10
votes
2 answers

rsyslog conditional RepeatedMsgReduction

I need to deactivate RepeatedMsgReduction on my Linux server to allow fail2ban to evaluate every failed login attempt. (See this bug report: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440037) As I don't want to flood my log files, I would love…
Peter
10
votes
1 answer

Increase precision of apache log to include milliseconds

I have modified the configuration of rsyslogd to disable RSYSLOG_TraditionalFileFormat. But still the Apache log /var/log/apache/error.log is displaying only second-precision. Is there something else that needs to be configured?
blueFast
10
votes
3 answers

Why can't rsyslogd find libgcc_s.so.1?

Scenario: Running a debootstrapped Ubuntu 11.4 lxc guest on a Ubuntu 12.4 lxc host (both 64 bit) Inside the lxc guest, rsyslogd is constantly crashing with SIGABRT stating: libgcc_s.so.1 must be installed for pthread_cancel to…
UsAaR33