No problem, hope this helps. Recapping the previous message, plus some
additional config snippets:
First define the message format template:
template(name="QradarForwardMsgFormat" type="string"
string="<%pri%>%timestamp% %fromhost-ip% %syslogtag%%msg%")
Then, I have a ruleset that uses the tem
Rainer, thanks for the response. I'm not in the position to make those
decisions I'm just a contractor with the government.
On Thu, Dec 29, 2016 at 9:33 AM, Rainer Gerhards
wrote:
> Well, it's low on my priority list. But if this is for a biz case, why not
> consider sponsoring the implementatio
Well, it's low on my priority list. But if this is for a biz case, why not
consider sponsoring the implementation? Maybe via a support contract?
Rainer
Sent from phone, thus brief.
Am 29.12.2016 14:24 schrieb "Ryan Ward" :
> Hi I was wonder when we should expect to see this issue in rsyslog rel
Hi I was wonder when we should expect to see this issue in rsyslog release,
asking because our organization has a mandate for tls 1.1 or 1.2 only and
we are currently using imtcp not imrelp which supports priority strings.
https://github.com/rsyslog/rsyslog/issues/1093
Update:
I tried as per link here:
http://www.slideshare.net/rainergerhards1/using-wildcards-with-rsyslogs-file-monitor-imfile
I installed Rsyslog 8.5 using tarball. But it seems that file logs are not
getting logged to Loggly. My system logs are successfully reaching to
Loggly using Rsyslog versi
Maybe that could work. Thanks
El 29/12/16 a las 13:02, Benoit DOLEZ escribió:
Hi,
Does this documentation answer your needs ?
http://www.rsyslog.com/doc/v8-stable/configuration/dyn_stats.html
Regards
Benoit
Le 29/12/2016 à 12:27, mostolog--- via rsyslog a écrit :
impstats
Ok. I'll have
Hi,
Does this documentation answer your needs ?
http://www.rsyslog.com/doc/v8-stable/configuration/dyn_stats.html
Regards
Benoit
Le 29/12/2016 à 12:27, mostolog--- via rsyslog a écrit :
impstats
Ok. I'll have a look
define 'too fast'. And how do you tell the difference between your
logg
impstats
Ok. I'll have a look
define 'too fast'. And how do you tell the difference between your
logging system having a problem and generating so many messages and
the systems you are collecting logs from generating the messages?
If you setup thresholds and start throwing away messages th
Sorry I missed the link in my previous response:
http://www.slideshare.net/rainergerhards1/using-wildcards-with-rsyslogs-file-monitor-imfile
On Thu, Dec 29, 2016 at 4:06 PM, Shweta wrote:
> I did setup on ubuntu 12 with rsyslog version 8.23 but nothing get logged
> to my local as well as loggly
I did setup on ubuntu 12 with rsyslog version 8.23 but nothing get logged
to my local as well as loggly.
I also tried on ubuntu-16 with rsyslog version 8.5, but nothing is getting
logged.
Moreover , I went thorough the slide at the link below, where it is
mentioned to use inotify mode. Where to s
On Thu, 29 Dec 2016, mostolog--- via rsyslog wrote:
monitor logs/sec and alert if they jump much higher than normal
How could I do this using rsyslog? Is there a "counter" module?
impstats
overall, this isn't likely to happen once you get the system setup and
running, so many places don't
El 28/12/16 a las 22:41, David Lang escribió:
On Wed, 28 Dec 2016, mostolog--- via rsyslog wrote:
While testing our current infrastructure we have suffered a /log
explosion/, ie: errors when processing logs caused error logs on the
machine that also caused errors when processed...and finally,
Thanks for your clarifying answers.
El 28/12/16 a las 22:38, David Lang escribió:
On Wed, 28 Dec 2016, mostolog--- via rsyslog wrote:
Even more: does it make sense to have queues when using omfile?
usually not, it's usually less effort to write the data to the file
than to move it to a new
you don't say what version you are running, the most current docs are at:
http://www.rsyslog.com/doc/v8-stable/configuration/modules/imfile.html
I'm not sure exactly when wildcards became supported, but I believe it was well
into the 8.x series.
David Lang
On Wed, 28 Dec 2016, Shweta wrote:
14 matches
Mail list logo
