[rsyslog] Bash history --> rsyslog relay --> Elastic

2024-03-19 Thread Kees de Jong via rsyslog
Hi, I want to collect Bash history and forward it to my Elastic cluster. I have a central rsyslog server in my cluster, which receives logs already and forwards some to another rsyslog server. I use the Bash `shopt -s syslog_history` option on Red Hat. On the nodes in my cluster I forward the lo

[rsyslog] PMCISCOIOS Module Issue

2024-03-19 Thread Roy White via rsyslog
Good Morning, I am hopeful this mailing list is still monitored, and that this is not falling onto deaf ears. I am currently trying to implement an Rsyslog Remote Server to consolidate the logs of all of our Cisco switches. The server is collecting the data, however because of the format of the

Re: [rsyslog] PMCISCOIOS Module Issue

2024-03-19 Thread Sean Maguire via rsyslog
We do this at Bard, without any extra modules. I changed the format for output to: template(name="myASAFormat" type="string" string="%TIMESTAMP:::date-rfc3339% %fromhost-ip% %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n") Then in the action section for handling incoming Cisco

[rsyslog] Logs received via tls are binary

2024-03-19 Thread Brian W. via rsyslog

Re: [rsyslog] Logs received via tls are binary

2024-03-19 Thread Rainer Gerhards via rsyslog
Please contain a plain text part in your mail. The mailing list processor removes HTML for security reasons. Judging from the subject, I guess either the receiver OR the sender has not successfully enabled TLS. Check for error messages from rsyslog. HTH Rainer On Tue, 19 Mar 2024 at 15:06, Br

Re: [rsyslog] Bash history --> rsyslog relay --> Elastic

2024-03-19 Thread David Lang via rsyslog
please post your full configs, it's likely that there are other things in the config that are causing issues. note that when you are within an if statement, you don't need to do the &, just a bare stop will apply to everything that the if matched. David Lang On Tue, 19 Mar 2024, Kees de Jong

Re: [rsyslog] PMCISCOIOS Module Issue

2024-03-19 Thread David Lang via rsyslog
if Red Hat does not provide you with the pmciscoios module, then you need to upgrade to a version that the community supports: install that package from the community repo. see https://www.rsyslog.com/rhelcentos-rpms/ for instructions. David Lang P.S. this list is very much still alive and the

Re: [rsyslog] Logs received via tls are binary

2024-03-19 Thread Brian via rsyslog
I will have to take a closer look at logs but yes, the logs in the receiving syslog server are showing up as binary files. Brian On 3/19/2024 7:24 AM, Rainer Gerhards wrote: Please contain a plain text part in your mail. The mailing list processor removes HTML for security reasons. Judging fr

Re: [rsyslog] Logs received via tls are binary

2024-03-19 Thread David Lang via rsyslog
we would need to see your full configs on both the sender and receiving sides to make a guess as to what is being done wrong. David Lang On Tue, 19 Mar 2024, Brian via rsyslog wrote: I will have to take a closer look at logs but yes, the logs in the receiving syslog server are showing up as b

Re: [rsyslog] Capturing shutdown logs

2024-03-19 Thread Peter Portante via rsyslog
Attila, any reason you can't just use persistent journald? That is what we did to solve the lost shutdown and crash logs. -Peter On Fri, Mar 15, 2024 at 12:31 PM David Lang via rsyslog wrote: > > imjournal uses the journal api to fetch the logs (fetching them in > near-real-time), journald keep

Re: [rsyslog] Logs received via tls are binary

2024-03-19 Thread Rainer Gerhards via rsyslog
Usually this happens when TLS cannot successfully be enabled at the server side. This can happen even though the config looks valid, e.g. permission issues reading cert files. Rainer On Tue, 19 Mar 2024 at 15:55, David Lang via rsyslog () wrote: > > we would need to see your full configs on

Re: [rsyslog] PMCISCOIOS Module Issue

2024-03-19 Thread John Chivian via rsyslog
To David’s point it is a trivial process to replace/upgrade the RHEL default version of rsyslog with the packages maintained in the Adiscon repository, and folks should not be afraid of doing so as the RHEL versions can be notoriously out of date. > On Mar 19, 2024, at 09:43, David Lang via r

Re: [rsyslog] PMCISCOIOS Module Issue

2024-03-19 Thread Roy White via rsyslog
Thank you all very much for your suggestions and support. I am amazed at how quickly these answers came and expected to be waiting for a few days to hear back. I am very grateful that I signed up for this mailing list. I am hopeful that downloading the community version fixes the problem and