rsyslog

问题 I just wonder why some tools have default configuration files with numbers in their names. For example: 50-default.conf (for rsyslog). What's the reason for this number and what does it mean ? 回答1: These numbers are for config file ordering and precedence. I.e. if the same parameter configuration is present in 10-smth.conf and 20-smth.conf the latter will overwrite first one. 来源： https://stackoverflow.com/questions/47407448/linux-configuration-files-names-with-numbers

问题 I am able get the stacktrace[exceptions] from rsyslog (v-8.13.0) to a common nxlog server which sends the logs to a papertrail server. But the nxlog server ignores these multiline logs to papertrail. I know there is a module (xm_multiline) in nxlog which can parse this, but not sure on how to integrate this with my current nxlog configuration file: ######################################## # Global directives # ######################################## User nxlog Group nxlog LogFile /var/log

问题 I have an application myapp which should send log files only to /var/log/myapp.log . myapp is written in C++. The following sample code, sends the logs to /var/log/syslog only. My os is Linux - Ubuntu 12.04 - to be specific. I also found that my machine has rsyslog than syslog installed. #include <stdio.h> #include <unistd.h> #include <syslog.h> int main(void) { openlog("myapp", LOG_PID|LOG_CONS, LOG_USER); syslog(LOG_INFO, "abc 10"); closelog(); return 0; } 回答1: According to the syslog(3)

问题 There are examples for log4j2 syslog for adding priority to log with xml using key, value but with log4j.properties files we can't add = symbol to value and I haven't any example to set LoggerFields for setting priority with RFS5454 format. This one is close LoggerFields for Syslog (output log priority and stack trace) None of the below works for LoggerField: appender.sumo_syslog.loggerFields={'key' : 'priority', 'value' : '%p'} or appender.sumo_syslog.loggerFields=[{'key' : 'priority',

问题 I'm setting up a python script that will parse the inputs received via UDP from another server. Since the message or number of messages can be received randomly, I'm trying to rsyslog omprog to parse the inputs. However, I'm unable to read the message on UDP and unable to send the input received as parameter to python using omprog Receiving syslog message from particular server will be stored in /var/log/pcrf_notification.log Therefore, I configured the rsyslog.conf like below: [root

问题 I am following this link ( http://www.rsyslog.com/how-to-use-tcpflood/ ) to send messages to rsyslog. I have cloned the git repository of rsyslog https://github.com/rsyslog/rsyslog.git While following the link http://www.rsyslog.com/how-to-use-tcpflood/ , I am getting below error while executing "make tcpflood" root1@atratus06:~/Debashish/rsyslog/tests$ make tcpflood cc tcpflood.c -o tcpflood tcpflood.c:86:20: fatal error: config.h: No such file or directory #include "config.h" ^ compilation

问题 In our java project, we send logs to all kinds of appenders. How do I log to rsyslog all logs that are written to those appenders from "error" level and higher by only changing configuration files such as log4j.xml (without meddling with the code)? in How to log error and info messages separately into syslog with log4j?, there is an explanation how to create a new appender, and from my understanding to follow up with that answer I need to touch the code. my log4j version is: 2.4.1 Here is a

问题 I am trying to use python logging module to log messages to a remote rsyslog server. The messages are received, but its concatenating the messages together on one line for each message. Here is an example of my code: to_syslog_priority: dict = { Level.EMERGENCY: 'emerg', Level.ALERT: 'alert', Level.CRITICAL: 'crit', Level.ERROR: 'err', Level.NOTICE: 'notice', Level.WARNING: 'warning', Level.INFO: 'info', Level.DEBUG: 'debug', Level.PERF: 'info', Level.AUDIT: 'info' } @staticmethod def make

问题 I am trying to log remote events to a mysql db sitting on a central rsyslog server (v5.10.1-0.7.49 - This is the default version in SLES11sp3). I have tried logging to a file and that works: :fromhost-ip, isequal, "147.110.250.217" /var/log/remotefile & ~ But when I try to change it to a mysql db it fails with a syntax error: :fromhost-ip, isequal, "x.x.x.x":ommysql:localhost,Syslog,user,pwd & ~ Error: Feb 20 11:16:27 idm-syslog rsyslogd: the last error occured in /etc/rsyslog.conf, line 61:"

问题 For reference, this is the regex tester I am using: http://www.rsyslog.com/regex/ How can I modify this regular expression: [^;]+ to receive multiple sub-matches for the following test string: ;first;second;third;fourth;fifth and sixth;seventh; I currently only receive one sub-match: first Basically I want each sub-match to consist of the content between ; characters, I am hoping for a sub-match list like this: first second third fourth fifth and sixth seventh 回答1: Following information given