Questions tagged [rsyslog]
rsyslog is a popular syslog daemon implementation commonly used on many Linux distributions, e.g. it is the default syslog daemon on Debian.
442 questions
1 vote, 0 answers, 19 views
Ubuntu Rsyslog cannot read certificates because permission is denied
I am setting up a syslog server that will listen for logs from a Fortigate firewall. Rsyslog gets error "'/home/syslog_cert/ACDC_CA.pem' could not be accessed: Permission denied".
This is my ...
-1 votes, 1 answer, 20 views
logrotate not working as per configuration provided
I am working on a Java application running in Ubuntu Server (16.04) which copies log files from certain folders and consolidates them when the user closes the session.
In ubuntu server rsyslog filters and ...
0 votes, 2 answers, 41 views
How do I check which conf file was loaded by syslog-ng when starting?
I am running syslog-ng on Debian.
How do I check which conf file was loaded upon startup?
Neither systemctl status syslog-ng nor systemctl show syslog-ng tell me.
0 votes, 1 answer, 67 views
rsyslog variable from mmnormalize as part of omfile filename
I have a log line that looks like this:
May 20 10:25:42 192.168.20.100 Timestamp="2024-05-20 10:25:42",LogId="535666280",NodeId="192.168.1.100",Facility="Packet ...
1 vote, 0 answers, 24 views
How to change the facility of sshd
The default config in /etc/ssh/sshd_config is
#SyslogFacility AUTH
I added
SyslogFacility LOCAL5
below, and local5.* /var/log/sshd.log in /etc/rsyslog.conf
As usual restarted sshd and rsyslog....
0 votes, 0 answers, 15 views
rsyslog service malfunction after server reboot
We recently faced an issue with rsyslog service on CentOS-7.
This server was running for like 2-3 years continuously and we rebooted it last night. Since then rsyslogs are not written.
Tried steps ...
-1 votes, 1 answer, 54 views
Portable logging from Python?
I am writing a small plugin for Postfix using Python and want it to emit logging messages. I am not particularly familiar with Python and was advised to use loguru. This was certainly easy when I ...
1 vote, 1 answer, 21 views
How to use rsyslog ltrim function?
I would like to trim leading and trailing spaces from the msg field using rsyslog. I read it has functions called rtrim and ltrim but I can't find any explanation of how to use functions in ...
0 votes, 1 answer, 17 views
rsyslogd v3.x.x unexpectedly closes write connection to named pipe target
I've configured rsyslog to forward certain log messages to a named pipe /tmp/logger.pipe. I then have a separate process reading from the named pipe. Relevant section from /etc/rsyslog.conf
# Remote ...
5 votes, 1 answer, 748 views
/var/log/auth.log stops recording authentication errors
As the title says, /var/log/auth.log stops recording authentication errors. It all began with me accidentally deleting it. Then I created it using the touch command and changed the owner:group to syslog:...
0 votes, 1 answer, 53 views
function log2syslog in kali linux 2023.4
Can you please help me with this? I'm trying to log the bash commands. In CentOS or another Linux OS it works, but it does not work in Kali Linux. I have created a shell file with the name log2syslog.sh in /...
0 votes, 0 answers, 41 views
What does rsyslog do if it fills up a named pipe?
I'm working on a C application that is intended to monitor and process the output of rsyslog. My research shows that a way to do this is to create a named pipe and then create a new syslog target that ...
0 votes, 1 answer, 49 views
remote clients logging to syslog in their own file questionable configs
I've got logservers set up to receive from clients on UDP/514 and write to a file with hostname/IP as the name using a ruleset. I've had the same configuration on different servers and sometimes it ...
0 votes, 0 answers, 35 views
rsyslog template regexp
I'm trying to split login users into their own log files.
The log text to match is this: <user name> (<IP>): logged in
For example: 370 (10.5.21.57): logged in
Note that user name could be an ...
0 votes, 0 answers, 162 views
Is it possible to prevent rsyslog messages going to systemd-journal log and how?
I have an iptables rule that is logging some of my network activities into a log file using the jump LOG rule.
I filter the events to go to a specific file using the following rsyslog configuration ...