El vie., 29 mar. 2019 a las 17:25, Jacobi, Daniel via rsyslog
() escribió:
>
> I played a bit with logger:
>
> logger --rfc5424 Testmessage control and so on
> logger -d -P 514 -n localhost --rfc5424 Testmessage control and so on
>
> and found that with udp the message got parsed correctly (I had
El mar., 2 abr. 2019 a las 14:54, Mauricio Tavares via rsyslog
() escribió:
> > Are the docs in a public git? Where can people ask for clarification
> > about things before submitting (probably wrong) patch requests against
> > the docs?
> Adding to what was said, how about if we have
Sent from phone, thus brief.
Marc Haber via rsyslog schrieb am Di., 2. Apr.
2019, 15:48:
> On Tue, Apr 02, 2019 at 03:08:15PM +0200, Rainer Gerhards via rsyslog
> wrote:
> > El mar., 2 abr. 2019 a las 14:54, Mauricio Tavares via rsyslog
> > () escribió:
> > > >
> *.* action(
> type="omfwd"
> ruleset="linux_forward"
> tag="rsyslog"
> name="rsyslog"
> )
Which doc do you use as reference for this? Or, more general, which
doc link do you use to craft the configs?
Rainer
___
rsyslog mailing list
El mar., 26 mar. 2019 a las 7:23, Ani Sinha via rsyslog
() escribió:
>
> On Mar 26, 2019, 11:50 AM +0530, Ani Sinha via rsyslog
> , wrote:
> Hi :
>
> I wanted to look up the data related to some bugs but my usual mailing list
> credentials do not work. How do I get access to bugzilla?
This has
can you show a concrete sample log? Can you do a network capture and
show what exactly is on the wire?
Rainer
El mar., 26 mar. 2019 a las 14:24, Scot Kreienkamp
() escribió:
>
> Bug, logic error, or just a case that nobody thought of? I'm not a
> programmer so I'm not sure I'll be much help.
>
looks bad ATM :(
Rainer
El mar., 26 mar. 2019 a las 13:49, Scot Kreienkamp via rsyslog
() escribió:
>
> Hi Rainer, have you had a chance to look at this yet?
>
>
> Scot Kreienkamp |Senior Systems Engineer | La-Z-Boy Corporate
> One La-Z-Boy Drive| Monroe, Michigan 48162 | Office: 734-384-6403
What does this do?
Rainer
El dom., 24 mar. 2019 a las 17:46, Kanniganti Kalyani via rsyslog
() escribió:
>
> Hi
>
> How can we configure below ssh and auth in rsyslog.conf file.
>
>
>
> # auth,authpriv.* -/var/log/secure
> filter f_secure { facility(auth, authpriv); };
> destination d_secure {
El dom., 24 mar. 2019 a las 18:17, Kanniganti Kalyani
() escribió:
>
> HI,
>
> It will log the ssh failures and success logins.
I think ssh logs via "auth" facility? If so, you can use
auth.* /var/log/filename
HTH
Rainer
>
>
> BR,
> Kalyani.k
>
>
>
> From:"Rainer Gerhards"
> To:
El lun., 25 mar. 2019 a las 7:27, Marc Haber via rsyslog
() escribió:
>
> Hi,
>
> On Thu, Feb 07, 2019 at 08:01:26AM +0800, 杨华杰 via rsyslog wrote:
> > Most of the tutorials I found on the internet are out of dated, and I have
> > found old syntax configuration are not supported anymore.
>
> I have
Sent from phone, thus brief.
Gorman, Kevin via rsyslog schrieb am Mi., 3.
Apr. 2019, 21:57:
> I want everything to go through the ruleset to the remote system.
> As I understand it, the inputs are each forwarded by the ruleset= and
> everything in rsyslog.conf is forwarded as *.* in the call.
>
Sent from phone, thus brief.
Gorman, Kevin via rsyslog schrieb am Mi., 3.
Apr. 2019, 21:57:
> I want everything to go through the ruleset to the remote system.
> As I understand it, the inputs are each forwarded by the ruleset= and
> everything in rsyslog.conf is forwarded as *.* in the call.
El mié., 3 abr. 2019 a las 17:13, Gorman, Kevin
() escribió:
>
> I'm using any and all docs on https://www.rsyslog.com/doc/v8-stable, posts on
> the internet, etc. The thing is there are few actual configuration examples
> and info on how to actually use the various syntax for rsyslog, but lots
El mié., 3 abr. 2019 a las 23:13, Gorman, Kevin via rsyslog
() escribió:
>
> My desire for modularity comes from the fact that I need to use puppet to
> configure many hosts, and numerous customer environments. Thus, I want to
> define the destination address, etc.in one file, which will vary
rsyslog version?
Rainer
El mié., 3 abr. 2019 a las 14:47, Jacobi, Daniel via rsyslog
() escribió:
>
> Hi list,
>
> I have a problem with restoring messages after restart of rsyslog.
>
> I send Log-messages via omhttp to an external REST-endpoint. This is working.
> Then I wanted to store all
El vie., 5 abr. 2019 a las 7:47, Tuan Minh Duong via rsyslog
() escribió:
>
> Hi All,
>
> I'm using rsyslog 8.4.0 and try to log a msg with RFC5424 with msgid.
> For example:
> logger "Testing testing" --msgid "testmsgid" --rfc5424
>
> But when I configure the rsyslog.conf to filter the msg base
El vie., 5 abr. 2019 a las 18:25, John Chivian via rsyslog
() escribió:
>
> imfile "polling" is the old way, and an interval of 1 is very
> "expensive" from a resource utilization standpoint, so I recommend using
> inotify if possible especially for system local file systems. That
> said, there
The question is what process reads the pipe and how slow is it?
Rsyslog handles several ten- to hundered thousend messages per second
in most setup. But of course it depends on how fast or slow the
actions are.
HTH
Rainer
El dom., 7 abr. 2019 a las 18:11, Nils Magnusson via rsyslog
() escribió:
El lun., 8 abr. 2019 a las 7:43, David Lang via rsyslog
() escribió:
>
> by default, a pipe is a buffer of 64k by default. Rsyslog will write to fill
> that buffer, and then have to stop until the thing reading the buffer can be
> scheduled by the OS to run and fill the buffer.
I would think that
> (The suspended.duration seems to be 30 seconds times the number of
> suspensions; maybe that's default rsyslog behavior?)
yup
Rainer
___
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
This is actually a red-hat contributed module. It is in the plugin
directory just because of historical reasons. The core team does NOT
support it. We don't even have a test environment.
Raienr
El mar., 9 abr. 2019 a las 7:56, Peter Viskup via rsyslog
() escribió:
>
> Just looked for secured
does that mean rsyslog now also needs to provide functionality to set
elasticsearch config params? Sounds strange, but if it is so, we
should file an enhancement issue.
Rainer
El vie., 12 abr. 2019 a las 10:42, David Lang via rsyslog
() escribió:
>
> a google search for "elasticsearch set the
El vie., 12 abr. 2019 a las 14:29, John Chivian via rsyslog
() escribió:
>
> Hello Maintainers:
>
> I noticed that after going from v8.1901 to v8.1903 that imfile-state
> files are created almost immediately (within seconds or minutes) of the
> monitored file appearing. I like this better
El vie., 12 abr. 2019 a las 15:07, John Chivian via rsyslog
() escribió:
>
> Rainer's explanation makes more sense ("when rsyslog wants to") as I
> have the PersistStateInterval=0 which is supposed to mean "only at end
> of execution". But it's not "only at end of execution" anymore, that's
>
El mié., 17 abr. 2019 a las 9:09, Flo Rance via rsyslog
() escribió:
>
> Hi,
>
> Where can we find some documentation for the new contrib modules,
> especially imdocker ?
Did you have a look at the doc that comes with the release?
Online it's at the usual place as well:
Hi all,
the solution is pretty simple: rsyslog does what it is expected to do:
it uses a special parser to do some extra tricks to get some more
precise info. This parser handles what usually is found on the system
log socket. FreeBSD has now changed the standard format in their case.
So the
I suggest to open a GitHub issues, as the code is most likely the same as
current. I can than see if the contributor steps in.
Rainer
Sent from phone, thus brief.
Peter Viskup schrieb am Fr., 14. Juni 2019, 13:37:
> Can just confirm it is the same with 8.1901 from official Debian backports
>
Just so that you get a reply: I have no idea of what is the differnce
between CentOS and Amazon linux.
Rainer
El vie., 14 jun. 2019 a las 15:33, Li, Mike via rsyslog
() escribió:
>
> Hi,
> FYI, I was also to install epel6's rsyslog-8.1905.0-2.el6.x86_64.rpm and
>
El vie., 14 jun. 2019 a las 16:33, Li, Mike () escribió:
>
> Hi Rainer,
> I'm having issue with logging with rsyslog-8.1905.0.2.el6 which stops working
> after some time.
> ./tcpflood -m10 -p514 -Ttcp -t10.162.65.173
> 1 open connections
> starting run 1
> Sending 10 messages.
> 0010
El mar., 11 jun. 2019 a las 20:16, Michael Biebl () escribió:
> If the problem is reliably reproducible (which seems to be on affected
> systems), maybe a git bisect would actually be the quickest way to
> find the commit causing this.
Good point!
@tobias: can you build from source?
If not, we
up until recently, rsyslog also enforced a secure setup.
Unfortunately, people seemed to care less about it. We got so many
request that we now have a decently certless mode (DH proper
encryption, but MITM possible). Maybe those web sites describe that
mode. If you can use it boils down to the
FYI: I guess this thread here is a duplicate of
https://github.com/rsyslog/rsyslog/issues/3686
Knowing the full config would be useful. Can be created via
$ rsyslogd -f /etc/rsyslog.conf -o /tmp/full_rsyslog_conf
where -f should point to the main config file and the file pointed to
by -o
Hi Tobias,
this is the "quick guide" to generate a debug log:
https://www.rsyslog.com/doc/v8-stable/troubleshooting/howtodebug.html
- just do the "regular debug" part and let it run until the problem
manifests.
We also have more elaborate ones, but I guess this one is sufficient
(let's keep it
El mar., 11 jun. 2019 a las 14:33, Heaton, Tobias
() escribió:
>
> Hello Rainer,
>
> Thank you for the information. I set the debug configuration, updated rsyslog
> and restarted. After about 5 minutes, the logs are starting to slow and the
> debug log is well over 12GB in size.
>
> It seems
El mar., 11 jun. 2019 a las 19:23, Heaton, Tobias
() escribió:
>
> Rainer,
>
> I traced my steps and allowed rsyslog to run for 45 minutes without seeing a
> failure.
>
> The debug puts considerable strain on the system, so much so that the log
> timestamps started drifting. I was seeing logs
El vie., 14 jun. 2019 a las 20:32, David Lang via rsyslog
() escribió:
>
> no, you can't have one action() statement direct to multiple sockets. you
> should
> be able to have separate action() statements with filters as to what goes to
> which action.
Looks like you need to use old style config
I noticed the list seems to have been stripped from CC. Thus
forwarding. I hope someone on the list might have more insight into
this. Pls keep list CCed.
Rainer
El mié., 19 jun. 2019 a las 0:05, Li, Mike () escribió:
>
> Rainer,
> It seems if at a rate of sustained tcpflood -m13000 -p514 -Tudp
I just re-checked, but OBS does currently not support Debian 10. So I
cannot enable it.
Rainer
El mar., 25 jun. 2019 a las 10:51, Peter Viskup via rsyslog
() escribió:
>
> When it is planned to make Debian 10 repositories on openSUSE build service?
> Debian 10 release is planned on 6.7.2019 and
After writing this, I realized that Debian 10 probably means unstable.
I have enabled that in OBS and it has built. Does that help?
Rainer
El mar., 25 jun. 2019 a las 13:35, Rainer Gerhards
() escribió:
>
> I just re-checked, but OBS does currently not support Debian 10. So I
> cannot enable it.
It's probably easier to answer if you post your current full config. I
guess it is just missing a "stop" statement at the right place.
Rainer
El mié., 12 jun. 2019 a las 16:46, Gerald Pruchniewski via rsyslog
() escribió:
>
> I have an issue I’m stuck on and I’m hoping someone here has the
Missing configure options. Use
./configure.sh --help
Rainer
Sent from phone, thus brief.
Li, Mike via rsyslog schrieb am Do., 13. Juni
2019, 22:45:
> Hi Rich,
> I ran
> make check
> From rsyslog and tests folders
> Both gave
>
>
a las 17:49, Ansgar Puester via rsyslog
() escribió:
>
> Hello Rainer,
>
> Am 12.06.2019 um 12:48 schrieb Rainer Gerhards via rsyslog:
> > FYI: I guess this thread here is a duplicate of
> > https://github.com/rsyslog/rsyslog/issues/3686
> >
> > Knowing
El jue., 13 jun. 2019 a las 19:04, Heaton, Tobias
() escribió:
>
> Looking at the aforementioned link, my config is considerably simpler. I did
> read about the suggested bump to the devel release, but given our syslog
> server is production I hesitate to continue testing and risk further loss
Pls keep the list CCed...
El mié., 19 jun. 2019 a las 14:25, Li, Mike () escribió:
>
> Hi Rainer
> The tcpflood commands are run in a loop of 5000
Interesing. Does the problem disappear if you increate the volume per
tcpflood run by, say 10 times and reduce the out loop to 500?
> Will it help
extra idea: one thing you could do is try the test under valgrind
control. It probably gives us a hint what is going wrong.
Rainer
El mié., 19 jun. 2019 a las 14:30, Rainer Gerhards
() escribió:
>
> Pls keep the list CCed...
>
> El mié., 19 jun. 2019 a las 14:25, Li, Mike () escribió:
> >
> >
El jue., 20 jun. 2019 a las 9:36, Peter Viskup () escribió:
>
> Confirm the sd_notify interface working now for rsyslog from OBS Debian9
> repositories.
> Thank you.
thanks for the confirmation!
Rainer
>
> On Tue, Jun 18, 2019 at 1:26 PM Rainer Gerhards
> wrote:
>>
>> Peter,
>>
>> I guess I
Peter,
I guess I won my fight with OBS and, if so, new packages with systemd
support are now building. Should be available soon. Would be great if
you could check.
Rainer
El mar., 18 jun. 2019 a las 9:01, Peter Viskup via rsyslog
() escribió:
>
> Tried to start rsyslog 8.1904 in chrooted
El jue., 9 may. 2019 a las 18:45, Adam Chalkley via rsyslog
() escribió:
>
> Hi,
>
> Short version:
>
> Does rsyslog support the use of a variable when configuring action parameters?
no
Rainer
>
> Mock-up:
>
> action(
> name="email-alert-prod"
> type="ommail"
> ...
>
We don't even know where it's source is ;-)
John Chivian schrieb am Fr., 24. Mai 2019, 00:04:
> Thanks Rainer, I know it's not an Adiscon module, but I was hoping someone
> here could be of more help than M$ cloud (lack of) support.
>
> On 5/23/19 4:34 PM, Rainer Gerhards wrote:
>
> We don't
We don't know of omazuremds.
Rainer
John Chivian via rsyslog schrieb am Do., 23.
Mai 2019, 17:59:
> Hello Experts:
>
> I was handed an Azure VM and told to build an rsyslog server. The
> version in place was v8.24 (go figure) and when I updated it to v8.1904
> the Azure omazuremds module
El jue., 16 may. 2019 a las 9:09, David Lang () escribió:
>
> On Thu, 16 May 2019, Rainer Gerhards wrote:
>
> > El jue., 16 may. 2019 a las 7:46, David Lang via rsyslog
> > () escribió:
> >>
> >> I saw a issue that said that the version of gnutls shipped in RHEL6 has
> >> serious problems. I'm not
El jue., 16 may. 2019 a las 7:46, David Lang via rsyslog
() escribió:
>
> I saw a issue that said that the version of gnutls shipped in RHEL6 has
> serious problems. I'm not finding detals easily, can someone give a brief
> explination of the problem?
I couldn't find the issue tracker, there
El jue., 16 may. 2019 a las 9:57, Joan via rsyslog
() escribió:
>
> I am trying the expression below to detect the time format from java
> (13-May-2019 09:18:42.268)
>
> startmsg.regex="^[[:digit:]]{2}-[[:alpha:]]{3}-[[:digit:]]{4}
> >
Great to hear! It's not that intuitive, I know. Any idea how to make
this more obvious to users?
Rainer
El jue., 16 may. 2019 a las 16:59, Joan () escribió:
>
> Thanks a lot, it's working now
>
> Missatge de Rainer Gerhards del dia dj., 16 de
> maig 2019 a les 11:03:
>>
>> El jue., 16 may.
ars and I am
hesitant to change that...
Rainer
>
> David Lang
>
> On Thu, 16 May 2019, Rainer Gerhards via rsyslog wrote:
>
> > Great to hear! It's not that intuitive, I know. Any idea how to make
> > this more obvious to users?
> >
> > Rainer
> >
El jue., 16 may. 2019 a las 19:33, David Lang () escribió:
>
> On Thu, 16 May 2019, Rainer Gerhards wrote:
>
> >> I believe that the right thing to do is to abort the connection, but it
> >> seems
> >> that rsyslog is dieing instead of just failing the connection (in this
> >> case, it
> >>
El jue., 16 may. 2019 a las 19:06, David Lang () escribió:
>
> On Thu, 16 May 2019, Rainer Gerhards wrote:
>
> > El jue., 16 may. 2019 a las 9:09, David Lang () escribió:
> >>
> >> On Thu, 16 May 2019, Rainer Gerhards wrote:
> >>
> >>> El jue., 16 may. 2019 a las 7:46, David Lang via rsyslog
> >>>
If you do NOT load imklog, what do you see. Yes, I know... I want to
be sure that you do not see kernel logs that come in via journal
(which is what I suspect). Along the same lines, what do you see if
you do NOT load imjournal but imklog?
Rainer
El jue., 2 may. 2019 a las 14:41, Alan Martinovic
This is a librelp debugging message. It means that librelp, for
internal reasons, needed in increase the transport layer window above
the configured/regular interval. Happens most often in retry
situations. Is transient and (usually) harmless. Has nothing to do
with rsyslog queues.
HTH
Rainer
El
El jue., 4 jul. 2019 a las 13:30, Peter Viskup () escribió:
>
> On Thu, Jul 4, 2019 at 11:51 AM Rainer Gerhards
> wrote:
>>
>> Hijacking the thread just slightly...
>>
>> El jue., 4 jul. 2019 a las 9:51, Peter Viskup via rsyslog
>> () escribió:
>> >
>>
>> > The use of package from backports is
pls post your config - this could be a bug inside rsyslog.
Rainer
El mar., 25 jun. 2019 a las 19:02, Li, Mike via rsyslog
() escribió:
>
> Hi
> Working with
> rsyslog-8.1905.0-2.el6.x86_64
> rsyslog-gnutls-8.1905.0-2.el6.x86_64
> rsyslog-openssl-8.1905.0-2.el6.x86_64
> But saw the following:
>
use dash ('-') instead of a name, see
https://www.liblognorm.com/files/manual/configuration.html#fields
HTH
Rainer
El vie., 28 jun. 2019 a las 0:57, Jason Prouty via rsyslog
() escribió:
>
> I am trying to normalize a log to a mysql data base
>
>
> the messages is appended by
>
> Date time host
El mar., 2 jul. 2019 a las 14:42, Naoum, A. (Alexandros)
() escribió:
>
>
>
> Perfect, that works. I was hesitating to add staff inside the ruleset but it
> was what needed
you need to be aware that "set" is actually an action, something that
performs work. It's not purely declarative (like
Hijacking the thread just slightly...
El jue., 4 jul. 2019 a las 9:51, Peter Viskup via rsyslog
() escribió:
>
> The use of package from backports is not always the best option as those
> versions also come with new bugs and regressions.
> For example in 8.1905 release there was important
El mar., 2 jul. 2019 a las 21:13, Michael Biebl via rsyslog
() escribió:
>
> Hi everyone,
>
> in case you don't know me, I'm the (official) maintainer of rsyslog in Debian.
> I put the official in parenthesis as I know there are deb packages as
> well provided by Adiscon directly.
Michael, I
As I said:
I guess it's useless to try to fix it with that version.
Rainer
Sent from phone, thus brief.
rsyslog--- via rsyslog schrieb am Mi., 10. Apr.
2019, 20:38:
> Update on this. Since we changed we removed PollingInterval to
> module(load="imfile" mode="inotify").
>
> To followup is the
see https://www.rsyslog.com/doc/v8-stable/concepts/multi_ruleset.html
Actual sample for your case is towards the end of the document.
HTH
Rainer
El mar., 9 abr. 2019 a las 19:01, Ken Morley via rsyslog
() escribió:
>
> I am running rsyslogd v8.24.0-34.el7 on CentOS 7 and I have it configured to
If you expose the host to the Internet, you should at least install
iptables or similar solution. There is some access control directly in
rsyslog, but using ip layer firewall is much more robust (by design).
Rainer
El mié., 17 abr. 2019 a las 14:14, Alan Martinovic via rsyslog
() escribió:
>
>
If the related error message bugs, you can also simply filter it out
via the regular rules, e.g
if $msg contains "blub" then stop
at a place towards the top of rsyslog.conf (before any files are written).
Rainer
El mié., 17 abr. 2019 a las 16:49, Flo Rance via rsyslog
() escribió:
>
> Yes, I
Once a parse successfully parsed, no other one is invoked.
Rainer
Sent from phone, thus brief.
Brian Candler via rsyslog schrieb am Di., 23.
Apr. 2019, 22:03:
> On 23/04/2019 20:50, David Lang wrote:
> > where in the documentation does it say a ruleset can have a parser?
> >
>
Can you get me a backtrace of one of these aborts. Best with debug symbols.
Rainer
Sent from phone, thus brief.
Li, Mike via rsyslog schrieb am Mi., 10. Juli
2019, 15:01:
> I'm also seeing more of the segfault messages in 1907 and restarts of
> rsyslogd
> [455973.614327] rs:main Q:Reg[31261]:
Hi all,
I wanted to highlight that the so called "devel" version nowadays is
also a stable and worth serious consideration in many environments.
Please have a look here:
https://rainer.gerhards.net/2019/06/rsyslogs-daily-stable.html
Rainer
___
El mar., 2 jul. 2019 a las 12:56, Naoum, A. (Alexandros) via rsyslog
() escribió:
>
>
>
> Good day,
>
> I was reading the section about the variables and the exec_template but
> honestly I couldn't able to get enough (maybe because there are not enough
> examples) so I would like to ask if it
you define it outside of the ruleset! So it is only executed when the
default ruleset is executed. Move it into the ruleset. That's exactly
why I needed the full config ;-)
Rainer
El mar., 2 jul. 2019 a las 14:20, Naoum, A. (Alexandros)
() escribió:
>
>
> set $!sourcetype =
full config pls
El mar., 2 jul. 2019 a las 14:13, Naoum, A. (Alexandros)
() escribió:
>
>
>
> That sound better but I'm not sure if I done it correct because doesn't work.
>
> I put this line before the ruleset definition:
>
> set $!sourcetype = "syslog_checkpoint_test";
>
> I have a template:
>
El mar., 2 jul. 2019 a las 13:15, Naoum, A. (Alexandros)
() escribió:
>
>
> Thank you for the reply.
>
> It is a good way but in my scenario... probably will not provide what I want
> to get.
> I want to reuse this variable as part of the file name on omfile module in
> multiple rulesets
El vie., 2 ago. 2019 a las 16:28, Singh, Radesh
() escribió:
>
> Much better :).
> Funny, my old install (8.24) is getting called out in the documentation... :P
unfortunately, there is a lot of 8.24 in the real world - with some
very bad bugs long solved... Thus I tend to name it whenever it
> Turns out there isn't any info at the link referenced in the error message :(.
I have updated the description:
https://www.rsyslog.com/rsyslog-error-2354/
Rainer
___
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
rsyslog version?
El sáb., 17 ago. 2019 a las 12:19, UNLIM.SRV via rsyslog
() escribió:
>
> For unknown reason some logs stop collecting several days ago on 2 of my
> centos7 opevz7 vds.
>
> cron, nginx, postfix.
> some other services (dovecot, yum) logs collected w/o problems.
>
> HDD
Just send to rgerha...@adiscon.com. Note: 8.1901.0 is an old version,
but I'll see and have a look if this looks similar to a current one.
Nevertheless an update to 8.1907 and try to see if the problem
persists is probably a good idea.
Rainer
El vie., 16 ago. 2019 a las 10:05, Mountford, Andrew
El vie., 30 ago. 2019 a las 12:32, rsyslog--- via rsyslog
() escribió:
>
> Hello,
>
> There are:
> 1) "Enter confirmation cookie" page issues
> 2) "Private Archives Authentication" not working either
>
> I suspect that's because both pages are an https URL but the form
> submission/action is http.
Config?
Sent from phone, thus brief.
Stuart Kendrick via rsyslog schrieb am Fr., 30.
Aug. 2019, 18:54:
> I have two loghosts:
>
> * Ubuntu 18.04.3 + rsyslogd 8.32.0
> * CentOS 7.6.1810 + rsyslogd 8.24.0
>
> Identical configuration files: /etc/rsyslog.conf and
>
Inside list templates, the property name is "controlcharacters".
Search this page for a description:
https://www.rsyslog.com/doc/v8-stable/configuration/templates.html
HTH
Rainer
El jue., 22 ago. 2019 a las 18:35, John Chivian via rsyslog
() escribió:
>
> Hello List:
>
> I am trying to
El lun., 2 sept. 2019 a las 12:03, David Lang via rsyslog
() escribió:
>
> On Mon, 2 Sep 2019, i...@kliemeck.de wrote:
>
> > Hello David,
> >
> > thanks for your answer. I'm forced to use legacy syntax, since the module
> > is written with legacy syntax:
> >
probably too late for this discussion, but may be helpful for others
searching for the same problem:
https://www.slideshare.net/rainergerhards1/external-plugins
Rainer
El mar., 3 sept. 2019 a las 23:49, Eudald Valcàrcel via rsyslog
() escribió:
>
> Alright, got it.
> Sorry for messing with
El mié., 11 sept. 2019 a las 15:56, Brian Candler via rsyslog
() escribió:
>
> Another minor question.
>
> In legacy format, you may prefix each entry with the minus "-" sign to
> omit syncing the file after every logging.
nope - it has no meaning at all. Sync never happens exceot when
cool - would you be intersted in contributing this into the rsyslog source tree?
Rainer
El lun., 16 sept. 2019 a las 14:21, Brian Candler via rsyslog
() escribió:
>
> On 07/09/2019 08:57, David Lang wrote:
> > I have not heard of loki before, so I doubt that anyone has written a
> > module for
Note: the last major omprog refcotring was done by
https://github.com/jsiwrk - I suggest to create a github issues for
the questions and mention @jsiwrk - he has agreed to take care of the
module.
Rainer
El mar., 17 sept. 2019 a las 1:50, David Lang via rsyslog
() escribió:
>
> On Mon, 16 Sep
El mié., 4 sept. 2019 a las 20:39, David Lang via rsyslog
() escribió:
>
> I suspect that the omrelp module is keeping some messages in it's memory
> before
> it suspends, but I'd need Rainer to comment on that and what can be done
> there.
Depends on config and when the OS notifies us. There
> Ps. I actually tried setting windowSitze to 1 just to see if fewer messages
> were "lost", but I didn't notice any difference.
> The setting suppose to be on the first action right ?
yes - if you change it on the first action and all remains the same,
pls open a github issue together with
El jue., 5 sept. 2019 a las 12:55, Patrik Martinsson
() escribió:
>
> Thanks!
>
> I adjusted it to "30", and noticing a huge difference in messages being
> "stored in the internal RELP queue on the client".
> IE. with 30 in windowSize, I loose about 15 seconds of messages, which
> correponds
El jue., 5 sept. 2019 a las 13:03, Patrik Martinsson
() escribió:
>
> I've actually recently quit my job, and would not be in position to argue for
> such thing.
> But, one would think that someone surely could fund that.
so thought I
>
> However, I do get your point - it was merely wishful
I think the root question is why all-json is needed here in the first
place...
Iirc $! As property should do.
Rainer
Sent from phone, thus brief.
David Lang via rsyslog schrieb am Do., 1. Aug.
2019, 17:28:
> create the variable in the $! namespace and it will be part of $!all-json
>
> there
It looks like the OBS packages were not updated. I did this myself
yesterday. So 8.1907.0 is now available via OBS.
Rainer
El mar., 16 jul. 2019 a las 18:58, Heaton, Tobias
() escribió:
>
> Does anyone have any updates on a stable update for RHEL6? Thank you.
>
> -Original Message-
>
El vie., 19 jul. 2019 a las 14:51, Heaton, Tobias
() escribió:
>
> Thank you Rainer.
>
> I updated to 8.1907.0-1 at 7:26am EST today and at 8:50am, logging once again
> stopped. I reverted back to 8.1904.
Can you help debug this? With me having no idea what is going on and
not the slightest
The obs repositories have it side today.
Rainer
Sent from phone, thus brief.
Scot Kreienkamp via rsyslog schrieb am Mi., 2.
Okt. 2019, 20:30:
> Hi everyone,
>
> I notice there are no builds for EPEL-8 on the yum repository. Any idea
> when we'll start seeing those show up? Working through
does this also happen with current 8.1905.0?
Rainer
El vie., 14 jun. 2019 a las 12:29, Peter Viskup via rsyslog
() escribió:
>
> Running rsyslog 8.24 on Debian9.
>
> The lookup table
> ~# cat /etc/rsyslog.d/local/programnames.lookup
> { "version" : 1,
> "nomatch" : "local-all",
> "type" :
you can use any filter before the action, e.g.
local7.* action(...)
A config change requires a restart. There are good reasons for it.
Could be changed, but would be very much work (for which nobody has
time).
HTH, if not pls ask again.
Rainer
El mié., 30 oct. 2019 a las 12:05, sch via
Well... we should weaken the warning. There are still issues, but the
journald team has managed to introduce other problems when using the
journal-managed log socket.
Actually the best way is to remove journal at all from the picture and
let rsyslog process the system log socket directly. But
sorry, some wrong info. What I wrote is interpreted as such
if (not $msg) contains "msgnum:" then {
and so it does not work. You need to set parenthesis to negate the
contains clause:
if not ($msg contains "msgnum:") then {
Rainer
El jue., 31 oct. 2019 a las 18:55, Rainer Gerhards
()
1 - 100 of 448 matches
Mail list logo