Hello!
If you can change the remote syslog port on your sender side, then there is
another way.
You can create a dedicated rsyslog input listening on a port
(imptcp/imtcp/imudp), bind it to a ruleset, then assume that every message
in the ruleset is from that expected sender (just do not use that
Hello Atilla!
You can limit the persistent journald storage in size with SystemMaxUse
option. Just find a value which is good enough for you to save all the
messages while rsyslog is down. I guess 1Gb should be more than enough.
On Wed, 20 Mar 2024 at 12:17, Attila Lakatos via rsyslog <
Hi Rainer!
FINALLY! That's great news! As I'm unemployed at the moment I can do some
volunteering also. Feel free to reach me directly if anything!
Thank you!
On Thu, 4 Jan 2024 at 20:31, Rainer Gerhards via rsyslog <
rsyslog@lists.adiscon.com> wrote:
> Hi all,
>
> happy new year to everyone!
Hello!
Does the timing match with rsyslog restarts (manual or logrotate-initiated)?
On Mon, 18 Sept 2023 at 00:39, TG Servers via rsyslog <
rsyslog@lists.adiscon.com> wrote:
> Hi,
>
> ever since I started logging to a UDS from my nginx I get the occasional
> 111 in my nginx error logs.
> As I
Hello!
It's the same as without ruleset I'd say.. As long as the source sets
severity right you should be able to use this:
ruleset(name="vcsa20525" queue.type="linkedlist" queue.workerThreads="4"
queue.workerThreadMinimumMessages="3000"){
if $syslogseverity-text != ['info', 'debug'] then {
Hi Marcin!
I haven't tried imtcp in production.. but a few years ago I had quite a
loaded rsyslog infra setup. So from my memories 1M msg/min is not that
high.. it's just 17k msg/s. I'd expect even RELP should be able to process
this on a single core. Though my infra was baremetal Xeon servers.
Hello!
I'd suggest extending the offer to Azure cloud too.. it shouldn't be really
different from the AWS case (I'd expect just a bit different `packer`
config to create the image)..
Thank you!
On Wed, 22 Mar 2023 at 15:30, Rainer Gerhards via rsyslog <
rsyslog@lists.adiscon.com> wrote:
> Hi
Hi Mariusz!
I'd suggest you try with mmfields first (
https://www.rsyslog.com/doc/v8-stable/configuration/modules/mmfields.html).
If no luck then I'd go for mmnormalize.
This way you can extract all the fields required and then use a template to
put just fields you need back into a message.
I
Hello!
If you need multiple fields and those are single-char-separated then using
mmfields action might be more profitable:
https://www.rsyslog.com/doc/master/configuration/modules/mmfields.html.
In more complicated case I'd suggest to engage mmnormalize instead:
Hi!
Another workaround is to use RELP which is able to configure TLS settings
per-action ARAIR.
On Wed, 6 Apr 2022 at 06:12, David Lang via rsyslog <
rsyslog@lists.adiscon.com> wrote:
> up until at least very recently this was not possible. There has been work
> to
> make the connection
10 matches
Mail list logo