Hey all,
I'm hoping someone can help me out with a configuration issue I've got.
I'm following this guide:
https://docs.splunksecurityessentials.com/data-onboarding-guides/cisco-asa/
It has two configuration files named splunk.conf and
splunk-cisco_asa.conf. I can see that the first file is
You can ignore this request now.
I stumbled upon the regex expression checker/generator and I can see the
syntax is different, and that's why it's not working.
Thanks anyway!
On 16/06/2022 12:58, Will BMD via rsyslog wrote:
Hey all,
I'm hoping someone can help me out with a configuration
Hi John/Team,
Please find the attached configuration files and i am running this RHEL 8.6.
rsyslogd 8.2102.0-7.el8_6.1 (aka 2021.02) compiled with:
PLATFORM: x86_64-redhat-linux-gnu
PLATFORM (lsb_release -d):
FEATURE_REGEXP: Yes
GSSAPI Kerberos 5 support: Yes
FEATURE_DEBUG (debug build, slow
Hi Team,
My rsyslog service is getting restarted very frequently and we understand
it is due to race between the various threads, which causes one thread to
free a message field while another tries to read/write it.
log:
===
==3035157==ERROR: AddressSanitizer: heap-buffer-overflow on address
Multiple instances are easy, but care needs to be taken to ensure they don’t
collide. However, the first course of action to be to sanity check the
existing configuration AND make sure that it is not an “old” version of rsyslog.
The list may be able to help if you post your entire
On 16.06.2022 16:21, vijay kumar via rsyslog wrote:
Hi Team,
My rsyslog service is getting restarted very frequently and we understand
it is due to race between the various threads, which causes one thread to
free a message field while another tries to read/write it.
[cut]
would be to have
On 16.06.2022 17:28, Mariusz Kruk via rsyslog wrote:
On 16.06.2022 16:21, vijay kumar via rsyslog wrote:
Hi Team,
My rsyslog service is getting restarted very frequently and we
understand
it is due to race between the various threads, which causes one
thread to
free a message field while
The warning message simply indicates that rsyslog has detected that the
program (.rsysevent32790.sh) has exited.
The way omprog is intended to be used is as follows: it launches the
program attaching a pipe to its stdin, the program should continuously read
lines (logs) from the pipe, until the
I forgot to mention: also attach your rsyslog configuration please.
On Thu, Jun 16, 2022, 19:55 Joan Sala wrote:
> The warning message simply indicates that rsyslog has detected that the
> program (.rsysevent32790.sh) has exited.
>
> The way omprog is intended to be used is as follows: it
That's right, after the reset there is no warning on the first "Start
PLC now!" but after the second ... a warning/ error 2119 appears.
On the second attempt, the function write fails with errno=EPIPE.
written = write(pChildCtx->fdPipeOut, ((char*)szMsg) + offset,
len - offset);
it's important to realize how Rsyslog processes the config files.
It does not care what you have in what file.
if you start rsyslog with -o /path/to/file then the file will have the config as
rsyslog sees it.
When rsyslog starts, it goes through the file and finds all the module and input
11 matches
Mail list logo
