Hi,
Please disregard my earlier email. The syntax is the same. I was looking in
the wrong file for the error message...
Apologies.
> -Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> sophie.loewenthal--- via rsyslog
> Sent: Mond
ame, startswith, "CRON" stop
Or, I tried to make rsyslog do something it should not be doing... ;)
Best wishes,
Sophie
> -Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> sophie.loewenthal--- via rsyslog
> Sent: Friday, Dec
andshake failed [gnutls error -54: Error in the pull function.]', object
'lstn 2514: conn to clt 192.168.101.34/2450.oob.intra' - input may not work as
intended [v8.39.0 try http://www.rsyslog.com/e/2353 ]
2018-12-07T14:48:45.384156+01:00 3005 rsyslogd: imrelp[2514]: error 'TLS
input may not work as intended [v8.39.0 try http://www.rsyslog.com/e/2353 ]
> -Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> sophie.loewenthal--- via rsyslog
> Sent: Thursday, December 06, 2018 4:07 PM
> To: Flo Rance
Debian repository - outdated
>
> I've uploaded 8.39.0 to stretch-backports.
> It should be available at your mirrors soon.
> Am Mi., 5. Dez. 2018 um 13:51 Uhr schrieb sophie.loewenthal--- via
> rsyslog :
> >
> > > -Original Message-
> > > Sent
I got this:
2018-12-06T15:38:59.909637+01:00 s3005 rsyslogd: imrelp[2514]: authentication
error 'peer did not provide a certificate', peer is '' [v8.39.0 try
http://www.rsyslog.com/e/2353 ]
2018-12-06T15:38:59.909646+01:00 s3005 rsyslogd: imrelp[2514]: error 'TLS
handshake failed [gnutls error
> It might indicate that the server doesn't provide tls.
Unsure what you mean.
> Btw, did you generate all the certificates with the same openssl binary ?
Yes, same openssl bin on the same server.
Files can be read by the process. 444 except the key which is 400 and rsyslog
runs as root on the
Little more info whilst I was looking:
The rsyslog.conf configuration,
The CLIENT has
action(
type="omrelp"
target="a-be-s3005-msl"
port="2514"
tls="on"
tls.caCert="/etc/rsyslog.d/ssl/company-ca.crt"
tls.myCert="/etc/rsyslog.d/ssl/client.crt"
tls.myPrivKey="/etc/rsyslog.d/ssl/client.key"
The SE
ng the certificates
Hi,
What's wrong with this guide https://www.rsyslog.com/using-tls-with-relp/ ?
The commands used in it still apply nowadays.
Regards,
Flo
On Wed, Dec 5, 2018 at 12:52 PM sophie.loewenthal--- via rsyslog
wrote:
Hi,
One and off for a few months I've b
and TLS - creating the certificates
Hi,
What's wrong with this guide https://www.rsyslog.com/using-tls-with-relp/ ?
The commands used in it still apply nowadays.
Regards,
Flo
On Wed, Dec 5, 2018 at 12:52 PM sophie.loewenthal--- via rsyslog
mailto:rsyslog@lists.adiscon.com>> wrote:
H
> -Original Message-
> Sent: Wednesday, December 05, 2018 1:50 PM
> To: rsyslog-users
>
> Hi,
>
> The last version for the Debian repository was for Wheezy with rsyslog_8.27.0-
> 1_amd64.deb Is there a Debian 9 repository with rsyslog 8.3.9?
>
> https://www.rsyslog.com/debian-repositor
Hi,
The last version for the Debian repository was for Wheezy with
rsyslog_8.27.0-1_amd64.deb Is there a Debian 9 repository with rsyslog 8.3.9?
https://www.rsyslog.com/debian-repository/
Best wishes,
Sophie
This message and any attachments (the "message") is
intended solely for the inte
Hi,
One and off for a few months I've been trying toget TLS working with RELP. I've
set up so many certificates for client and servers, and never managed to them
to talk. Frankly, with all the hundreds of options in openssl/certtool and that
the default values and order of questions that chang
ld put an entry for
> it in /etc/hosts and list "files" as the first element of the "hosts" entry.
>
> Regards,
>
>
> On 12/4/18 7:16 AM, sophie.loewenthal--- via rsyslog wrote:
> > Hi,
> >
> > This error popped up in the logs:
> > 2018
Hi,
This error popped up in the logs:
2018-12-04T14:00:20.567320+01:00 z3001 rsyslogd: omfwd: could not get addrinfo
for hostname 'z2500':'10514': Name or service not known [v8.39.0 try
http://www.rsyslog.com
I have this action configured, and this looks ok to me.
The host can be resolved loca
de
Flo
On Thu, Nov 15, 2018 at 3:31 PM sophie.loewenthal--- via rsyslog
wrote:
Hi Carsten,
I added this but got an error in the logs.
2018-11-15T15:25:44.803514+01:00 3msl rsyslogd: imrelp: invalid auth mode
'anon' [v8.39.0 try http://www.rsyslog.com/e/2291 ]
I tried this config with
t; )
> $Ruleset RSYSLOG_DefaultRuleset
>
> $InputTCPServerStreamDriverAuthMode anon # client is NOT authenticated
> $InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
> $InputTCPServerBindRuleset TLS
> $InputTCPServerRun 6514 # start up listener at port 6514
>
&
#x27;, object 'lstn 10514: conn to clt 10.1.1.8/a2.local ' - input
may not work as intended [v8.24.0 try http://www.rsyslog.com/e/2353 ]
> -Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> sophie.loewenthal--- via rsyslog
>
quot;
tls.myPrivKey="/etc/pki/tls/private/sender-key.pem"
tls.authmode="name"
tls.permittedpeer=["*.local"]
)
What should I added for the tls.permittedpeer? I don't think this is correct.
Or my certificates are wrong.
> -Original Message-
> From:
Light bulb moment: Can I use the same client cert on all of the clients?
> -Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> sophie.loewenthal--- via rsyslog
> Sent: Tuesday, November 13, 2018 10:06 AM
> To: rsyslog-users
> Cc:
Hi,
I've read lots of dox on setting up TLS for sending logs and every time I see
one has to set up a CA and then have a certificate for every client. I'd have
to create 1001 certificates and then a new client cert for every new server.
This is impractical and the time is not available to perfo
syslog rsyslog 579 Nov 12 15:20 el8-10514.queue.qi
From: Flo Rance [mailto:troura...@gmail.com]
Sent: Monday, November 12, 2018 3:19 PM
To: rsyslog-users
Cc: LOEWENTHAL Sophie
Subject: Re: [rsyslog] Ruleset : send to server over UDP instead of TCP
Hi,
It seems that the primary purpose of omelasticsearch i
ver UDP instead of TCP
Hi,
It seems that the primary purpose of omelasticsearch is to send logs to
elesticsearch rest, running on http or https, thus using tcp. It's not intended
to use udp.
https://www.rsyslog.com/doc/v8-stable/configuration/modules/omelasticsearch.html
But I might be wrong...
F
-Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> sophie.loewenthal--- via rsyslog
> Sent: Monday, November 12, 2018 2:44 PM
> To: rsyslog-users
> Cc: LOEWENTHAL Sophie
> Subject: [rsyslog] Ruleset : send to server over UDP instead of TC
Hi,
Will this rule send the messages to the server over UDP or TCP? I would like
this to be UDP.
# RuleSet
*.info { action (type="omelasticsearch"
server="el8"
serverport="10514"
searchIndex="unix"
bulkmode="on"
template="ElasticSearchTemplate"
name="el8-514-out"
queue.size="1024000"
qu
> -Original Message-
> From: David Lang [mailto:da...@lang.hm]
> Sent: Friday, November 09, 2018 7:56 PM
> To: LOEWENTHAL Sophie
> Cc: Rainer Gerhards; rsyslog-users
> Subject: RE: [rsyslog] Code verification : legacy to new format
>
> On Fri, 9 Nov 2018, sophie.loewent...@externe.bnpparib
nce [mailto:troura...@gmail.com]
> > Sent: Friday, November 09, 2018 10:38 AM
> > To: rsyslog-users
> > Cc: Rainer Gerhards; LOEWENTHAL Sophie
> > Subject: Re: [rsyslog] Code verification : legacy to new format
> >
> > Hi,
> >
> > If you search on v8-
From this QuickSearch box and search on " privdroptouser " on this page:
https://www.rsyslog.com/doc/v7-stable/configuration/action/rsconf1_dynafilecachesize.html
Goves this link to
https://www.rsyslog.com/doc/v7-stable/search.html?q=PrivDropToUser+&check_keywords=yes&area=default
To this link:
2018 at 10:31 AM sophie.loewenthal--- via rsyslog
wrote:
Is there a page that maps legacy statements to the new version?
Why do I ask?
* My search on rsyslog.com for PrivDropToUser give me this link:
https://www.rsyslog.com/doc/v7-stable/search.html?q=PrivDropToUser+&check_keywords=yes&
ember 09, 2018 9:45 AM
> > > To: rsyslog-users
> > > Cc: David Lang; LOEWENTHAL Sophie
> > > Subject: Re: [rsyslog] Code verification : legacy to new format
> > >
> > > https://www.rsyslog.com/doc/v8-stable/configuration/conf_formats.html
> > >
> >
tion : legacy to new format
>
> https://www.rsyslog.com/doc/v8-stable/configuration/conf_formats.html
>
> HTH
> Rainer
> El vie., 9 nov. 2018 a las 9:30, sophie.loewenthal--- via rsyslog
> () escribió:
> >
> > > -Original Message-
> > > From:
> -Original Message-
> From: David Lang [mailto:da...@lang.hm]
> Sent: Thursday, November 08, 2018 10:30 PM
> To: sophie.loewenthal--- via rsyslog
> Cc: LOEWENTHAL Sophie
> Subject: Re: [rsyslog] Code verification : legacy to new format
>
> On Thu, 8 Nov 2018,
> -Original Message-
> From: David Lang [mailto:da...@lang.hm]
> Sent: Thursday, November 08, 2018 10:30 PM
> To: sophie.loewenthal--- via rsyslog
> Cc: LOEWENTHAL Sophie
> Subject: Re: [rsyslog] Code verification : legacy to new format
>
> On Thu, 8 Nov 2018,
> -Original Message-
> From: David Lang [mailto:da...@lang.hm]
> Sent: Thursday, November 08, 2018 10:27 PM
> To: LOEWENTHAL Sophie
> Cc: sophie.loewenthal--- via rsyslog
> Subject: RE: [rsyslog] rsyslogd 8.24.0 and setting file ownership and
> permissions
&g
Hi,
This seems to work for me, but I'd be grateful if somebody would confirm this
is actually correct.
Dump all nrpe messages into a file, and once done discard.
* Legacy format
:programname, isequal, "nrpe" /app/rsyslog/messages.nrpe.all
:programname, isequal, "nrpe" &
* New format
if ( $prog
> -Original Message-
> From: David Lang [mailto:da...@lang.hm]
> Sent: Wednesday, November 07, 2018 6:43 PM
> To: LOEWENTHAL Sophie
> Cc: sophie.loewenthal--- via rsyslog
> Subject: RE: [rsyslog] rsyslogd 8.24.0 and setting file ownership and
> permissions
&g
da...@lang.hm]
> Sent: Tuesday, November 06, 2018 10:03 PM
> To: sophie.loewenthal--- via rsyslog
> Cc: LOEWENTHAL Sophie
> Subject: Re: [rsyslog] rsyslogd 8.24.0 and setting file ownership and
> permissions
>
> On Tue, 6 Nov 2018, sophie.loewenthal--- via rsyslog wrote:
>
gt; action(
> type="omfile"
> name="infoActionName"
> template="templateName"
> file="/soft/rsyslog/everything.info.log"
> )
> }
>
> It was corrupted somewhere to...
>
> *.info {
> action(
&
t 11:01 AM sophie.loewenthal--- via rsyslog
wrote:
Hi,
I have these global settings and this template:
# misc config
global(
workDirectory="/app/rsyslog" )
$CreateDirs on
$fileOwner root
$fileGroup admin
$dirGroup admin
$FileCreateMode 0640
action(type="omfile" dirCr
Hi,
I have these global settings and this template:
# misc config
global(
workDirectory="/app/rsyslog" )
$CreateDirs on
$fileOwner root
$fileGroup admin
$dirGroup admin
$FileCreateMode 0640
action(type="omfile" dirCreateMode="0750" fileCreateMode="0640"
fileGroup="admin"
File="/soft
rverBindRuleset Remote
$UDPServerRun 514
Best wishes,
Sophie
Not working on Mondays/ Travailler sauf le lundi
Team mailbox : am.itu...@bnpparibas.com
or direct sophie.loewent...@bnpparibas.com
> -Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> so
omething like this:
sudo tail -f /home/rsyslog/myhost.log
/home/rsyslog/sc005827.myhost.log/home/rsyslog/myhost.log/home/rsyslog/myhost.log/home/rsyslog/myhost.log
On Tue, Oct 30, 2018 at 5:18 PM sophie.loewenthal--- via rsyslog
wrote:
Hi Flo,
Yes it is:
# rsyslog Templates
template(name="ElasticSearchTemp
tail -f /home/rsyslog/myhost.log
/home/rsyslog/sc005827.myhost.log/home/rsyslog/myhost.log/home/rsyslog/myhost.log/home/rsyslog/myhost.log
On Tue, Oct 30, 2018 at 5:18 PM sophie.loewenthal--- via rsyslog
mailto:rsyslog@lists.adiscon.com>> wrote:
Hi Flo,
Yes it is:
# rsyslog Template
2.log/soft/rsyslog/sysl2.log/soft/rsyslog/sysl2.log/soft/rsyslog/sysl2.log/soft/rsyslog/sysl2.log/soft/rsyslog/sysl2.log/soft/rsyslog/sysl2.log/soft/rsyslog/sysl2.logbe-s
BR,
Sophie
> -Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
>
}
Best wishes,
Sophie
From: Flo Rance [mailto:troura...@gmail.com]
Sent: Tuesday, October 30, 2018 5:16 PM
To: rsyslog-users
Cc: LOEWENTHAL Sophie
Subject: Re: [rsyslog] Moving from legacy to new rsyslog syntax - dynafile and
severity levels
Hi,
Is your template "ElasticSearchTemplate" de
name="debugActionName"
template="dynaName"
dynafile="dynaName"
)
}
*.warn {
action (
type="omfile"
name="infoActionName"
#template="templateName"
file="/soft/rsyslog/everything.warn.log"
Hi,
I'm trying to change the rsyslog server to the new format, and decided to use
the config generator on the rsyslogd.com website.
Previously I used Dynafile to send logs into %HOSTNAME%.log, but I don't see
DynaFile available in the config generator.
Also I had set up different severities to
="-1"
)
& stop
$DefaultRuleset Remote
# service rsyslog stop
Redirecting to /bin/systemctl stop rsyslog.service
[root@be-s3133-msl etc]# find /var/spool/rsyslog/
/var/spool/rsyslog/
/var/spool/rsyslog/imjournal.state
/var/spool/rsyslog/syslog2-514.queue.0001
/var/spool/rsyslog/s
If there's anything in the memory
> queue, it gets written to disk during shutdown. The queue file will be
> as you named in the rsyslog work directory.
>
> Regards,
>
> On 10/16/18 10:32 AM, sophie.loewenthal--- via rsyslog wrote:
> > Hi,
> >
> > I uncomment
ed. Research the
> other values and set as appropriate for your environment.
>
> Regards,
>
>
> On 10/10/18 8:25 AM, sophie.loewenthal--- via rsyslog wrote:
> > Hi John and David Lang,
> >
> > Thanks for the configuration & suggestions.
> >
>
unt="-1"
)
Best wishes,
Sophie
> -Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of John
> Chivian
> Sent: Friday, October 05, 2018 1:43 PM
> To: rsyslog@lists.adiscon.com
> Subject: Re: [rsyslog] How to syslog to lo
end later whilst logging to local files?
Best wishes,
Sophie
> -Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> sophie.loewenthal--- via rsyslog
> Sent: Friday, October 05, 2018 12:54 PM
> To: rsyslog-users
> Cc: LOEWENTHAL Sophie
&g
local logs?
Best wishes,
Sophie
> -Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> sophie.loewenthal--- via rsyslog
> Sent: Friday, October 05, 2018 11:31 AM
> To: rsyslog-users
> Cc: LOEWENTHAL Sophie
> Subject: [rsyslog]
Hi,
I have this line in the /etc/rsyslog.conf:
$ModLoad imuxsock # provides support for local system logging (e.g. via logger
command)
$ModLoad imjournal # provides access to the systemd journal
$WorkDirectory /var/lib/rsyslog
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
$
> -Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> sophie.loewenthal--- via rsyslog
> Sent: Monday, June 11, 2018 9:51 AM
> To: rsyslog-users
> Cc: LOEWENTHAL Sophie
> Subject: [rsyslog] too many tcp sessions - dropping incoming request
>
Morning all,
My rsyslog server logs have been spammed with:
<43>1 2018-04-28T04:19:42.964984+02:00 be-s0873-c2a rsyslogd-2079 - - - too
many tcp sessions - dropping incoming request [try
http://www.rsyslog.com/e/2079 ]
The URL is a link to
http://kb.monitorware.com/kbeventdb-list-1-Adiscon-rs
eping up with the load,
> or
> there are network issues reaching them.
>
> the next step would be to start looking at what's happening on those central
> syslog servers
>
> David Lang
>
> >
> >
> >> -Original Message-
> >> From: David
in rsyslog.d or only the *.conf files? Maybe the
central_syslog.conf.19042 old config file is tripping this up.
> -Original Message-
> From: David Lang [mailto:da...@lang.hm]
> Sent: Wednesday, May 16, 2018 10:22 PM
> To: sophie.loewenthal--- via rsyslog
> Cc: LOEWENTHAL S
-Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> sophie.loewenthal--- via rsyslog
> Sent: Wednesday, May 16, 2018 10:30 AM
> To: sophie.loewenthal--- via rsyslog
> Cc: LOEWENTHAL Sophie
> Subject: [rsyslog] action 'action 0' res
Hi everybody,
Our RHEL 7 servers were patched over the weekend 7.4 to 7.5. Since then I've
had these messages in the logs from rsyslog. Since then we have 38000 of the
'action' messages since 23 April. Although rsyslog was updated, this looks
like a minor revision. Downgrading to rsyslog-8.24
that
just means that you need to get them to change or compile it yourself
David Lang
>
>
>> -Original Message-
>> From: David Lang [mailto:da...@lang.hm<mailto:da...@lang.hm>]
>> Sent: Wednesday, April 25, 2018 7:38 PM
>> To: sophie.loewenthal--- via rs
We don't have impstats on Solaris. It's a Linux thing.
> -Original Message-
> From: David Lang [mailto:da...@lang.hm]
> Sent: Wednesday, April 25, 2018 7:38 PM
> To: sophie.loewenthal--- via rsyslog
> Cc: LOEWENTHAL Sophie
> Subject: Re: [rsyslog] server recei
Hi,
>From a rsyslog view what sort of acknowledgement should it receive to know the
>destination servers are filling up? The destinations run Logstash.
> -Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> sophie.loewenthal
2018 5:21 AM
> To: sophie.loewenthal--- via rsyslog
> Cc: LOEWENTHAL Sophie
> Subject: Re: [rsyslog] server received messages but rsyslog did not write them
> into a file
>
> On Tue, 24 Apr 2018, sophie.loewenthal--- via rsyslog wrote:
>
> > *.info @@(o)b111l:10514
x27;s working fine on host be-s2508-msl. But does it work on be-s2507-msl as
well ? If it fails, it might not go further.
Does it work correctly if you comment out only the latest directive ?
*.info @@(o)be-s2508-msl:10514;json-template2
Regards,
Flo
On Tue, Apr 24, 2018 at 11:44 AM,
syslog1.61484: Flags [.], cksum 0xe363
(correct), seq 1, ack 311845, win 0, options [nop,nop,TS val 2670255351 ecr
440198685], length 0
Best wishes,
Sophie
From: Flo Rance [mailto:troura...@gmail.com]
Sent: Tuesday, April 24, 2018 11:23 AM
To: rsyslog-users
Cc: LOEWENTHAL Sophie
Subject: Re: [rs
ServerBindRuleset Remote
$InputTCPServerRun 514
$InputUDPServerBindRuleset Remote
$UDPServerRun 514
Best wishes,
Sophie
> -Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> sophie.loewenthal--- via rsyslog
> Sent: Tuesday, April 24, 2018
:omusrmsg:root
& stop
$RuleSet Remote
*.info ?DynaFile
*.info @@(o)b111l:10514;json-template2
*.info @@(o)b112l:10514;json-template2
& stop
$DefaultRuleset Remote
$InputTCPServerBindRuleset Remote
$InputTCPServerRun 514
$InputUDPServerBindRuleset Remo
Hi guys,
After 31st March our rsyslog v8.4.2 Solaris 11 servers stopped processing lots
of messages. I think we had a network change but do not yet know what.
Tcpdump showed the test message arrived,
# tcpdump -s 0 -A -vvv port 514 |grep sdfasdfsa
dropped privs to nobody
tcpdump: listening on
syslog-boun...@lists.adiscon.com] On Behalf Of deoren
> Sent: Monday, March 05, 2018 3:21 PM
> To: rsyslog@lists.adiscon.com
> Subject: Re: [rsyslog] rsyslogd0: action 'action 11' resumed (module
> 'builtin:omfwd') [try http://www.rsyslog.com/e/0 ]
>
> On 3/5/2018 8:09 AM, sop
x27;) [try http://www.rsyslog.com/e/2359
Best wishes,
Sophie
Team mailbox : am.itu...@bnpparibas.com
or direct sophie.loewent...@externe.bnpparibas.com
> -Original Message-
> From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> sophie.loewenthal--- via rsysl
lto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> sophie.loewenthal--- via rsyslog
> Sent: Monday, March 05, 2018 1:58 PM
> To: rsyslog-users
> Cc: LOEWENTHAL Sophie
> Subject: Re: [rsyslog] rsyslogd0: action 'action 11' resumed (module
> 'builtin:omfwd') [try http://ww
; From: rsyslog [mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of
> sophie.loewenthal--- via rsyslog
> Sent: Monday, March 05, 2018 1:51 PM
> To: rsyslog-users
> Cc: LOEWENTHAL Sophie
> Subject: [rsyslog] rsyslogd0: action 'action 11' resumed (module
> 'builtin:om
Hi,
I have this config for rsyslog 8.4.2 on Solaris 11. This throws an error for
some messages.
The associated webpage tells me "This error should not occur! Please give us a
short describtion how this error occurs". So here I am with a short description
:) I believe a module is missing,
Hi,
I'm pretty sure I am doing this wrong:
*.info;mail.none;cron.none @@syslog-new
Shouldn't this send all *.info to the remote server except anything above
mail.none and cron.none?
For some reason this line still sends cron.none & mail.none and above to the
remote server.
B
eoren
Sent: Monday, February 19, 2018 4:49 PM
To: rsyslog@lists.adiscon.com
Subject: Re: [rsyslog] Forward messages from rsyslog server to JSON
elasticSeach connector
On 2/19/2018 9:29 AM, sophie.loewenthal--- via rsyslog wrote:
> Hi,
>
> Does this configuration look ok begore I let this
Hi,
Does this configuration look ok begore I let this configuration rip in
production?
A server running rsyslog 8.7.4 on Solaris 11 that receives TCP and UDP messages
from a mixture of syslog and rsyslog clients .
Each client has a %HOST.log created on the server file system.
The rsyslog ser
77 matches
Mail list logo