Skip to main content
Unix & Linux

Questions tagged [rsyslog]

Ask Question

rsyslog is a popular syslog daemon implementation commonly used on many Linux distributions, e.g. it is the default syslog daemon on Debian.

442 questions
Newest Active Bountied Unanswered
1 vote
0 answers
19 views

Ubuntu Rsyslog cannot read certificates because permission denies

I am setting up a syslog serer that will listen for logs from a Fortigate firewall. Rsyslog gets error "'/home/syslog_cert/ACDC_CA.pem' could not be accessed: Permission denied". This is my ...
Europa's user avatar
Europa
  • 113
-1 votes
1 answer
20 views

logrotate not working as per configuration provided

I am working on a java application running in Ubuntu Server (16.04) which copies log files from certain folders and consolidate then when user closes the session. In ubuntu server rsyslog filters and ...
Amudhan R's user avatar
Amudhan R
  • 3
0 votes
2 answers
41 views

How do I check which conf file was loaded by syslog-ng when starting?

I am running syslog-ng on debian. How do I check which conf file was loaded upon startup? Neither systemctl status syslog-ng nor systemctl show syslog-ng tell me.
skeetastax's user avatar
skeetastax
  • 153
0 votes
1 answer
67 views

rsyslog variable from mmnormalize as part of omfile filename

I have a log line that looks like this: May 20 10:25:42 192.168.20.100 Timestamp="2024-05-20 10:25:42",LogId="535666280",NodeId="192.168.1.100",Facility="Packet ...
azzid's user avatar
azzid
  • 1,000
1 vote
0 answers
24 views

How to change the facility of sshd

The default config in /etc/ssh/sshd_config is #SyslogFacility AUTH I added SyslogFacility LOCAL5 below, and local5.* /var/log/sshd.log in /etc/rsyslog.conf As usual restarted sshd and rsyslog....
Matrix24601's user avatar
Matrix24601
  • 11
0 votes
0 answers
15 views

rsyslog service mulfuction after server reboot

We recently faced an issue with rsyslog service on CentOS-7. This server was running for like 2-3 years continuously and we rebooted it last night. Since then rsyslogs are not written. Tried steps ...
Sachith Muhandiram's user avatar
Sachith Muhandiram
  • 183
-1 votes
1 answer
54 views

Portable logging from Python?

I am writing a small plugin for Postfix using python and want to it to emit logging messages. I am not particularly familiar with python and was advised to use loguru. This was certainly easy when I ...
symcbean's user avatar
symcbean
  • 5,831
1 vote
1 answer
21 views

How to use rsyslog ltrim function?

I would like to trim leading and trailing spaces from the msg field using rsyslog. I read it has functions called rtrim and ltrim but I can't find any explanation of how to use functions in ...
Elliott B's user avatar
Elliott B
  • 565
0 votes
1 answer
17 views

rsyslogd v3.x.x unexpectedly closes write connection to named pipe target

I've configured rsyslog to forward certain log messages to a named pipe /tmp/logger.pipe. I then have a separate process reading from the named pipe. Relevant section from /etc/rsyslog.conf # Remote ...
Izzo's user avatar
Izzo
  • 971
5 votes
1 answer
748 views

/var/log/auth.log stops recording authentication errors

As the title says, /var/log/auth.log stops recording authentication errors. It all began with I accidentally deleting it. Then I created it using touch command and changed the owner:group to syslog:...
zzzhhh's user avatar
zzzhhh
  • 95
0 votes
1 answer
53 views

function log2syslog in kali linux 2023.4

Can you please help me with this ? im trying to logging the bash commands. In Centos or another Linux OS works , but does not wotk in Kali Linux. I have created shell file with name log2syslog.sh in /...
George Filippaios's user avatar
George Filippaios
  • 1
0 votes
0 answers
41 views

What does rsyslog do if it fills up a named pipe?

I'm working on a C application that is intended to monitor and process the output of rsyslog. My research shows that a way to do this is to create a named pipe and then create a new syslog target that ...
Izzo's user avatar
Izzo
  • 971
0 votes
1 answer
49 views

remote clients logging to syslog in their own file questionable configs

I've got logservers set up to receive from clients on UDP/514 and write to a file with hostname/IP as the name using a ruleset. I've had the same configuration on different servers and sometimes it ...
sbusgs's user avatar
sbusgs
  • 1
0 votes
0 answers
35 views

rsyslog template regexp

I'm trying to split login users into his own log file. The log text to match is this: <user name> (<IP>): logged in For example: 370 (10.5.21.57): logged in Note that user name could be an ...
Rafael Dellà's user avatar
Rafael Dellà
  • 1
0 votes
0 answers
162 views

is it possible to prevent rsyslog messages going to systemd-journal log and how?

I have an iptables rule that is logging some of my networks activities into a log file using the jump LOG rule. I filter the events to go to a specific file using the following rsyslog configuration ...
Or Yaacov's user avatar
Or Yaacov
  • 81

15 30 50 per page
1
2 3 4 5
30