Re: [rsyslog] imfile state file

2011-11-04 Thread david
an take to move logs. David Lang ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com

Re: [rsyslog] omudpspoof performance

2011-11-07 Thread david
on options to a single port, but there was no noticeable increase in speed. This would not make any difference (and would actually risk slowing things down if it can't re-use a port already in use) David Lang

Re: [rsyslog] timereported timezone?

2011-11-24 Thread david
by-side comparison, it works _MUCH_ better to have the systems on UTC. I've found that the problem of 'midnight' being either 4pm or 5pm pacific time just really doesn't matter. David Lang

Re: [rsyslog] FYI: funding rsyslog development

2011-11-24 Thread david
I'm disappointed to see this, please keep us as informed as you can on these discussions. David Lang On Wed, 23 Nov 2011, Rainer Gerhards wrote: Hi all, I am probably forced by circumstances to make some changes in the current licensing of rsyslog. I have elaborated in this blog post:

Re: [rsyslog] FYI: funding rsyslog development

2011-11-24 Thread david
nsered work that was done with the belief that the result would be released under the GPL. Some of that work is fairly core. This would be a potential problem for the MySQL approach. David Lang Rainer David Lang On Wed, 23 Nov 2011, Rainer Gerhards wrote: Hi all, I am probably forced by c

Re: [rsyslog] timereported timezone?

2011-11-24 Thread david
the log messages not be worth very much, especially compared to the ease of using legacy tools and scripts to deal with the log messages (not that it would be that hard to teach these tools and scripts about the new info, it's just not worth enough to bother) David Lang

Re: [rsyslog] FYI: funding rsyslog development

2011-11-25 Thread david
essage repeated' functionality). how hard would it be to add a property that gets calculated on the fly when it's used? part of the problem with contributing to rsyslog is finding good examples of how to implement things. there is a lot of functiona

Re: [rsyslog] FYI: funding rsyslog development

2011-11-25 Thread david
irly cheap ones (including from adiscon), but the ones that are pure community projects tend to not keep up with windows releases (and have no support), while the ones from commercial companies are all really intended for other things and just happen to do syslog as well. David Lang We will also

Re: [rsyslog] FYI: funding rsyslog development

2011-11-25 Thread david
able to logging from windows (relp, disk assisted queues, failover if a receiver is down, etc) David Lang

Re: [rsyslog] FYI: funding rsyslog development

2011-11-25 Thread david
I really wonder how much this proposal has the support of RedHat, and how much is just LP. David Lang

Re: [rsyslog] FYI: funding rsyslog development

2011-11-25 Thread david
inux. The fact that it is linux-only is probably going to keep it out of debian for the foreseeable future (they have the hurd and BSD kernel options) and ubuntu is still sponsoring upstart. David Lang

Re: [rsyslog] mail log ip filter spamhaus rsyslog

2011-11-25 Thread david
esn't have the ability to schedule things for the future, so it's not the right tool for this job. David Lang

Re: [rsyslog] timereported timezone?

2011-11-28 Thread david
you are using rsyslog from the sending server on, then all you need to do is to change the format that you use to send the message to one that includes the high precision timestamp David Lang

Re: [rsyslog] trusted (fields/properties) now also in rsyslog

2011-11-30 Thread david
a parser module that populates these fields from an incoming message over the network (while providing the appropriate value in %inputname% that says that the message came over the network and so the message could have been faked) David Lang On Tue, 29 Nov 2011, Rainer Gerhards wrote: Da

Re: [rsyslog] trusted (fields/properties) now also in rsyslog

2011-12-02 Thread david
, but nobody uses that". So I stuck it right in the message... understood. that's why I was thinking in terms of creating properties that could then be used in output format strings. that way you aren't dictating the format, just providing the information for the admin to use how

Re: [rsyslog] trusted (fields/properties) now also in rsyslog

2011-12-02 Thread david
one other thing that would be useful to get would be what cgroup the pid is in. Since systemd starts each 'service' in its own cgroup, with that information (and these things in a property), it would be possible to use a dynafile definition to log each service to a separat

Re: [rsyslog] trusted (fields/properties) now also in rsyslog

2011-12-02 Thread david
y to find) as you pointed out, hashing by itself does no good, the hashes need to be sent elsewhere. rsyslog has the ability to send things elsewhere based on what they are, so a distinctive log message that can easily be filtered to send out should do the job. David Lang Rainer David Lang

[rsyslog] calling DBAs. need help replicating 'journal feature'

2011-12-02 Thread david
ke a significant amount of time for me and I strongly suspect that a good DBA could make this pretty trivial ideally the command would be able to take multiple sets of log entries as a single transaction, but that's a further optimization after we get a single one added. David Lang

Re: [rsyslog] calling DBAs. need help replicating 'journal feature'

2011-12-03 Thread david
some strings will be stored repeatedly (wasting space), so I was hoping to get someone to step up and help by writing the stored procedures that would be needed to get the same effect in a database. David Lang

Re: [rsyslog] trusted (fields/properties) now also in rsyslog

2011-12-03 Thread david
but I do not intend to do this in the first steps - maybe later). what flavors of zip does omfile support?. David Lang Rainer as you pointed out, hashing by itself does no good, the hashes need to be sent elsewhere. rsyslog has the ability to send things elsewhere based on what they are, so

Re: [rsyslog] trusted (fields/properties) now also in rsyslog

2011-12-03 Thread david
tions *with normal tools* (in the source tree is also a tool that can read non-properly closed files, but I dropped support for this as partitions worked well). Ok, so zip, but not gzip, bzip2, lzma, etc. that's what I was guessing, but I figured it wouldn't hurt to as

Re: [rsyslog] Fwd: rsyslog on AIX

2011-12-05 Thread david
Rainer is probably going to have to look at this, but a copy of the debug output may help him. David Lang On Mon, 5 Dec 2011, Tom Teal wrote: Date: Mon, 05 Dec 2011 15:43:34 -0500 From: Tom Teal Reply-To: rsyslog-users To: rsyslog@lists.adiscon.com Subject: [rsyslog] Fwd: rsyslog on AIX

Re: [rsyslog] Issues with configuring rsyslog with TCP configuration. Please help

2011-12-09 Thread david
nnel. This is normal and what should be happening. What then should happen when the server comes back up is that the sender should notice that it can re-establish the connection it should resume the channel what version of rsyslog are you using on the sender and receiv

Re: [rsyslog] Issues with configuring rsyslog with TCP configuration. Please help

2011-12-09 Thread david
(4.4.2 is rather old) if you can go to the latest 5.x it would be best. David Lang I guess the TCP message doesn't happen on the sending machine. The messages are not send even when the receiver is restarted. Do i need to set any parameter other than the parameters in my client config fi

Re: [rsyslog] Issues with configuring rsyslog with TCP configuration. Please help

2011-12-09 Thread david
this sounds like you are missing the zlib development library. you may not have had compression enabled with your 4.x build in the config step. David Lang On Fri, 9 Dec 2011, Velu S wrote: Date: Fri, 9 Dec 2011 16:17:14 -0500 From: Velu S Reply-To: rsyslog-users To: rsyslog-users Subject

Re: [rsyslog] Issues with configuring rsyslog with TCP configuration. Please help

2011-12-09 Thread david
ld switching to RELP be as simple as replacing that last line with: *.* :omrelp:logserver:2345;SiteIDForwardFormat And adding a RELP listener on the new port on the server? other than the need to load the relp module, it should be about that simpl

Re: [rsyslog] Issues with configuring rsyslog with TCP configuration. Please help

2011-12-09 Thread david
On Fri, 9 Dec 2011, Velu S wrote: Thank you David again for your quick reply. I installed Rsyslog version 5.8.6 in both the sender and receiver. But My TCP messages are still not logged when the central server is down. Here is my log snippet: OK, I don't understand the problem whil

Re: [rsyslog] Issues with configuring rsyslog with TCP configuration. Please help

2011-12-09 Thread david
On Fri, 9 Dec 2011, Velu S wrote: Thank you David for the reply. Sorry for not explaining clearly in my previous emails. I use disk assisted mode and TCP both on the client and the server. When all the servers are up everything works fine. When the server goes down the message send from the

Re: [rsyslog] Issues with configuring rsyslog with TCP configuration. Please help

2011-12-10 Thread david
eed to do --enable-relp to make it compile. David Lang $ModLoad imtcp $ModLoad immark # provides --MARK-- message capability $ModLoad imuxsock # provides support for local system logging (e.g. via logger command) $ModLoad imklog # kernel logging (formerly provided by rklogd) $ModLoad imudp

[rsyslog] imfile against a directory

2011-12-12 Thread david
is there any way to give imfile a directory (or wildcard list of files) and have it slurp them all in? David Lang

Re: [rsyslog] Feedback Request

2011-12-15 Thread david
but this isn't that much better than just sending the hash/log elsewhere. This is the catch-22 of most PKI 'solutions' David Lang

Re: [rsyslog] omgssapi prevents local logs when remote server is down && reconnect DoS

2011-12-16 Thread david
tended easily for other input or parsing modules to create properties? David Lang

Re: [rsyslog] Trigger mechanism in Rsyslog

2011-12-20 Thread david
ry quickly classify all the log messages that you have seen, and the report of these 'unknown' messages starts getting rather small. have someone review these unknown messages each day to catch new things (which may involve creating a report or

Re: [rsyslog] Trigger mechanism in Rsyslog

2011-12-20 Thread david
provides the option to do lots of things, but the default configuration does not do this sort of fancy stuff (because there are too many ways that people may want to do things) David Lang

Re: [rsyslog] Rsyslog - RELP Issue - Configuration archiving

2011-12-20 Thread david
On Tue, 20 Dec 2011, David Donchez wrote: Hi All, I'm experiencing Rsyslog 5.8.1 with RELP Module on a Debian Squeeze x64 system. My architecture is running fine but I have some questions about the RELP features. I will explain my setup : ServerA -> RELP -> Ingestor Server -

Re: [rsyslog] Trigger mechanism in Rsyslog

2011-12-20 Thread david
og to start SEC and feed it the data via stdin, or you can make a named pipe on your filesystem and have rsyslog write to that 'file' and SEC read from that 'file' as its input. David Lang

[rsyslog] adaptation of /dev/log input

2011-12-21 Thread david
droid kernel based logger and how it is 'better' than syslog ignoring speed and size issues for the moment, the only functional thing i can't figure out how to do is to have multiple /dev/log-type inputs and have them each be labeled diffe

Re: [rsyslog] adaptation of /dev/log input

2011-12-21 Thread david
t MAC has an IP address just like everything else on your network, and with both you can have multiple machines listening to the traffic (with CLUSTERIP in iptables on linux and the similar function on BSD you can have a farm of machines split the traffic between them as well) David Lang

Re: [rsyslog] adaptation of /dev/log input

2011-12-22 Thread david
ge as it's being processed via Lua. [4] [4] Not that I'm trying to sell my syslog daemon on the rsyslogd mailing list ... thanks for the info, I'll be looking in to it. David Lang

Re: [rsyslog] rsyslog-5.8.6 log entry corruption

2011-12-24 Thread david
eceived over the wire looks like. If it's bad, then you need to look at the sender. If the raw message looks sane, but rsyslog isn't handling it right, then we can troubleshoot from there. David Lang > rsyslogd 5.8.6, compiled with: FEATURE_REGEXP:

Re: [rsyslog] Use of the "discard" action

2012-01-09 Thread david
/syslog before you even run the if statement) also note that doing a full "if then" is slower than doing the property-based conditional :fromhost-ip, startswith, "192.168.1.1" /var/log/gargoyle-router.log and finally, this will match 192.168.1.100 as well as 192.168.1.1 so yo

Re: [rsyslog] Use of the "discard" action

2012-01-11 Thread david
note that in rsyslog, it defaults to async writes so the - is not needed ahead of the filename (and there are various config parameters to set if you want more safety at the expense of speed) David Lang On Wed, 11 Jan 2012, Francois Marier wrote: On 2012-01-09 at 18:03:29, da...@lang.hm

Re: [rsyslog] rsyslog Centralized Logging Server along with rsyslog clients

2012-01-11 Thread david
bt that you intend it to come across this way, but you are sounding very much like "please do my homework for me" (both here and on the SEC list). There is a lot of documentation for both products, including examples. You need to spend some time looking through them before asking f

Re: [rsyslog] udp forwarding performance

2012-01-12 Thread david
AM) it is going to depend a lot on what processing you are doing. disable name resolution (-x on the command line) when you have the systems dropping logs, what is the utilization of the rsyslog threads? David Lang

Re: [rsyslog] Syslogging FQDN logfile/logdir howto/links/examples

2012-01-13 Thread david
this. David Lang On Fri, 13 Jan 2012, Michael Maymann wrote: Date: Fri, 13 Jan 2012 14:43:06 +0100 From: Michael Maymann Reply-To: rsyslog-users To: rsyslog@lists.adiscon.com Subject: Re: [rsyslog] Syslogging FQDN logfile/logdir howto/links/examples Furthermore: would it be possible to validate

Re: [rsyslog] update on rsyslog licensing and funding

2012-01-13 Thread david
ify ignoring that statement and claiming that they are required to be under the GPL. David Lang On Fri, 13 Jan 2012, Rainer Gerhards wrote: Date: Fri, 13 Jan 2012 18:38:40 +0100 From: Rainer Gerhards Reply-To: rsyslog-users To: rsyslog-users Subject: Re: [rsyslog] update on rsyslog l

Re: [rsyslog] Syslogging FQDN logfile/logdir howto/links/examples

2012-01-13 Thread david
http://rsyslog.com/article60/ David Lang On Sat, 14 Jan 2012, Michael Maymann wrote: Date: Sat, 14 Jan 2012 07:23:57 +0100 From: Michael Maymann To: rsyslog-users , da...@lang.hm, Michael Maymann Subject: Re: [rsyslog] Syslogging FQDN logfile/logdir howto/links/examples Hi David

Re: [rsyslog] Syslogging FQDN logfile/logdir howto/links/examples

2012-01-14 Thread david
On Sat, 14 Jan 2012, Michael Maymann wrote: Hi David, thanks for this...this is super info...:-) ! If I have to create different logs per host, will this be the a valid configuration: $template DynaFile_messages,?/logfiles_on_nfs/%HOSTNAME%/messages? *.* -?DynaFile_messages $template

Re: [rsyslog] Syslogging FQDN logfile/logdir howto/links/examples

2012-01-16 Thread david
I would say that 6.2.0 is probably better. sorry I can't give you more info on this. David Lang On Mon, 16 Jan 2012, Michael Maymann wrote: If I want DNS caching, should i use the new stable-6.2.0 or the older devel-6.3.6... ? Can see this feature mentioned here: http://rsyslog.com/fea

Re: [rsyslog] Syslogging FQDN logfile/logdir howto/links/examples

2012-01-16 Thread david
Rainer knows this stuff far better than I do, so go with what he says. David Lang On Mon, 16 Jan 2012, Michael Maymann wrote: Date: Mon, 16 Jan 2012 20:07:44 +0100 From: Michael Maymann To: da...@lang.hm Cc: rsyslog-users Subject: Re: [rsyslog] Syslogging FQDN logfile/logdir howto/links

Re: [rsyslog] Syslogging FQDN logfile/logdir howto/links/examples

2012-01-19 Thread david
ingle /NFS_logdir/host001/maillog file unless you are needing some 6.x specific feature, the configs from earlier versions will still work. David Lang

Re: [rsyslog] rsyslog and apache

2012-01-19 Thread david
e a file called "file.log" if you want both the directory and filename to be variable, just define the appropriate variables in each. David Lang

Re: [rsyslog] rsyslog and apache

2012-01-20 Thread david
ld create a directory for each thing that was previously a file and in that directory would be a file called "file.log" if you want both the directory and filename to be variable, just define the appropriate variables in each. David Lang I think I got a way out... using parsing of sys

Re: [rsyslog] How to stop 'user' facility printing to console

2012-01-21 Thread david
4 1 7 no, this has nothing to do with the kernel.printk config. probably what is happening is the severity is set to critical or something like that. We would need to see your rsyslog.conf (and whatever files it includes) to find what's configured to be sent to the

Re: [rsyslog] How to stop 'user' facility printing to console

2012-01-22 Thread david
sages have. David Lang On Sun, 22 Jan 2012, Alex Cartwright wrote: Here is my configuration for rsyslog, https://gist.github.com/1656491 I can see that emergencies are being sent to all users, however that priority is never used. Regards, Alex On 22 January 2012 02:02, wrote: On Sat, 21 Jan

Re: [rsyslog] multiple snmp trap destinations?

2012-01-23 Thread david
I haven't tried it, but knowing how rsyslog tends to work, the way to do this would be to have multiple sections $actionsnmptarget= *.* $actionsnmptarget = *.* David Lang On Tue, 24 Jan 2012, Xuan Zhong wrote: Hi, Does anyone know how to configure multiple snmp trap destinatio

Re: [rsyslog] Date formatting property options incompatible with SOLR DateField

2012-01-26 Thread david
601 / Java DateField this is the right option to take. currently you are doing %timegenerated:::date-rfc3339% change it to %timegenerated:1:19:date-rfc3339%Z this will grab the first 19 characters of the timestamp (up to seconds) and then the Z will be added (as it

Re: [rsyslog] Syslogging FQDN logfile/logdir howto/links/examples

2012-01-27 Thread david
know anything about it. David Lang On Fri, 27 Jan 2012, Michael Maymann wrote: Date: Fri, 27 Jan 2012 15:53:30 +0100 From: Michael Maymann Reply-To: rsyslog-users To: rsyslog-users Subject: Re: [rsyslog] Syslogging FQDN logfile/logdir howto/links/examples Hi List, Please - anyone who can

Re: [rsyslog] Syslogging FQDN logfile/logdir howto/links/examples

2012-01-27 Thread david
On Fri, 27 Jan 2012, Michael Maymann wrote: Hi, David: thanks for another quick reply - much appreciated...:-) ! Ok, I will try to get access to our DNS server, and have a look at the logs there. 1. How does my rsyslog.conf and logrotate.d/rsyslog look ? I'm not that familiar with logr

Re: [rsyslog] Load balancing for rsyslog aggregators

2012-01-30 Thread david
rt changes), otherwise you can end up with the traffic being unbalanced between your systems without any way to re-balance the load. David Lang

Re: [rsyslog] Load balancing for rsyslog aggregators

2012-01-30 Thread david
couple of years ago, and going across a cisco 3500 switch I was able to handle traffic up to ~380K logs/sec (~250 byte log messages) with no message losses with UDP over several billion log messages sent to a dozen destination machines. David Lang

Re: [rsyslog] Load balancing for rsyslog aggregators

2012-01-31 Thread david
On Tue, 31 Jan 2012, Radu Gheorghe wrote: Thanks a lot, David. These solutions seem much better than DNS round robin. @Rainer: I'm having trouble with setting up more exact performance tests, but the system is supposed to scale to something like 50K messages per second. And I just assumed

Re: [rsyslog] rsyslog as non-root user

2012-01-31 Thread david
for non-root user to run rsyslog server - if yes: how ? pick a listening port > 1024 and it should work. 2b. How do I start rsyslog during boot as non-root user - can chkconfig do this ? do I need to edit /etc/init.d/rsyslog - if yes: how ? su can run a command as a different user. alth

Re: [rsyslog] if %FROMHOST% == '???' then %FROMHOST% == %IP%

2012-02-01 Thread david
%FROMHOST% == '???' then %FROMHOST% == %IP rsyslog cannot do what you are asking. It can't assign a value to a property. what you can do is to setup a different template and then if %fromhost% is your special pattern you can log with this differe

Re: [rsyslog] if %FROMHOST% == '???' then %FROMHOST% == %IP%

2012-02-01 Thread david
%FROMHOST% == '???' then %FROMHOST% == %IP rsyslog cannot do what you are asking. It can't assign a value to a property. what you can do is to setup a different template and then if %fromhost% is your special pattern you can log with this differe

Re: [rsyslog] Timestamp wrong...?

2012-02-01 Thread david
s a wonderful troubleshooting tool) by default, the syslog format tries to keep the timestamp the client provides. I'm a huge proponent of running all production systems in GMT/UTC it avoids a huge number of issues along the way. David Lang

Re: [rsyslog] Syslogging FQDN logfile/logdir howto/links/examples

2012-02-01 Thread david
er of the name. As a side note, it's a really good idea to make your short hostnames unique, this is only one of the places where having the same short hostname on multiple boxes will cause grief. In most cases you can work around the grief, but it's not that hard to make the hostnames

Re: [rsyslog] Timestamp wrong...?

2012-02-02 Thread david
On Thu, 2 Feb 2012, Michael Maymann wrote: Hi, David: thanks for your reply...:-) ! here is my debug output: Rainer already answered your question, but this isn't quite what I was asking for. what I was asking for was for you to add a line something like the following *.info;mail

Re: [rsyslog] rsyslog as non-root user

2012-02-02 Thread david
ave a working /etc/init.d/rsyslog what you can share/I can test...? my guess is that this is a SELINUX related problem. what happens if you try to start rsyslog manually (not by running the startup script, but just running 'rsyslogd -c 6' " David Lang Thanks in advance :-)

Re: [rsyslog] if %FROMHOST% == '???' then %FROMHOST% == %IP%

2012-02-02 Thread david
what does one of these messages look like if you write it out with the RSYSLOG_DEBUG template? David Lang On Fri, 3 Feb 2012, Michael Maymann wrote: Date: Fri, 3 Feb 2012 07:00:26 +0100 From: Michael Maymann Reply-To: rsyslog-users To: rsyslog-users Subject: Re: [rsyslog] if %FROMHOST

Re: [rsyslog] rsyslog as non-root user

2012-02-03 Thread david
without auto backgrounding, what happens when you run it manually? David Lang On Fri, 3 Feb 2012, Michael Maymann wrote: Hi, Rainer: thanks for your reply. Tried without auto-backgrounding, here is the proccesses I see: root 14814 14131 0 10:43 pts/000:00:00 /bin/sh /sbin/service

Re: [rsyslog] if %FROMHOST% == '???' then %FROMHOST% == %IP%

2012-02-03 Thread david
oops, that should have been RSYSLOG_DebugFormat template. David Lang On Thu, 2 Feb 2012, da...@lang.hm wrote: Date: Thu, 2 Feb 2012 22:44:46 -0800 (PST) From: da...@lang.hm Reply-To: rsyslog-users To: rsyslog-users Subject: Re: [rsyslog] if %FROMHOST% == '???' then %FROMHOST% ==

Re: [rsyslog] rsyslog as non-root user

2012-02-03 Thread david
On Fri, 3 Feb 2012, Michael Maymann wrote: Hi, David: unfortunately this was not the case...: # cat /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced

Re: [rsyslog] rsyslog as non-root user

2012-02-03 Thread david
s it stop entirely? David Lang here is my current /etc/init.d/rsyslog.conf anyway...: # cat /etc/init.d/rsyslog #!/bin/bash #set -x # # rsyslogStarts rsyslogd/rklogd. # # # chkconfig: 2345 12 88 # description: Syslog is the facility by which many daemons use to log \ # messages to various

Re: [rsyslog] if %FROMHOST% == '???' then %FROMHOST% == %IP%

2012-02-03 Thread david
s one of the messages with the ??? in it that you are trying to fix. David Lang On Fri, 3 Feb 2012, Michael Maymann wrote: Hi, David: thanks for you reply...:-) ! This is not a known client causing the "???" entries - I don't know the ip(s)/hostname(s), and this is why i

Re: [rsyslog] rsyslog as non-root user

2012-02-03 Thread david
other script is using, the problem may be in that other script. I think you mentioned somewhere along the line, but I don't remember, what distro is this? In any case, this file has a bunch of stuff at the top that makes me think this is not a standard init file. this looks similar to an

Re: [rsyslog] rsyslog as non-root user

2012-02-04 Thread david
troubleshoot this. I'm glad that you finally got it working, but I would suggest that you send a note to Red Hat so that they can figure out what's up with their startup script. David Lang On Sat, 4 Feb 2012, Michael Maymann wrote: Hi David, thanks for your reply. Now I got

Re: [rsyslog] if %FROMHOST% == '???' then %FROMHOST% == %IP%

2012-02-04 Thread david
It would be good to track down what's actually happening here. David Lang On Sat, 4 Feb 2012, Michael Maymann wrote: Hi, SOLVED... got it working...:-) ! I enabled debugging (David: thanks for the hint) and this was one of the entries: --- Debug line with all properties

Re: [rsyslog] if %FROMHOST% == '???' then %FROMHOST% == %IP%

2012-02-06 Thread david
ich makes it somewhat easier to scan for failures inside the log file. It also provides the ultimate proof of why the function indicates failure. under what condition would we not be able to get the IP address of the far end of the connection? David Lang @Michael: You can obtain the new v

Re: [rsyslog] Preserving original hostname?

2012-02-07 Thread david
ssage. If you use %fromhost% or %fromhost-ip% it will log the machine the message was received from. my guess is that you use fromhost on your central server. David Lang

Re: [rsyslog] Preserving original hostname?

2012-02-07 Thread david
a template? if your template uses %hostname% it will preserve what was in the message. If you use %fromhost% or %fromhost-ip% it will log the machine the message was received from. my guess is that you use fromhost on your central server. David Lang

Re: [rsyslog] ElasticSearch Bulk Indexing (was: Load balancing for rsyslog aggregators)

2012-02-08 Thread david
on the assumption that a batch is handled as a single transaction, so if any of the messages fail, none of them are inserted. David Lang

Re: [rsyslog] old RHEL5 syslog client doesn't report time right

2012-02-10 Thread david
m you are having? is RHEL5 the sender or the receiver of the log message? what are you getting, and what do you think you should be getting? David Lang

Re: [rsyslog] old RHEL5 syslog client doesn't report time right

2012-02-10 Thread david
f hassles) David Lang On Fri, 10 Feb 2012, Michael Maymann wrote: Hi, my RHEL5 are legacy syslog clients and they don't report time right. They report client-time but server-timezone... RHEL6 rsyslog-client did the same thing before i added: $ActionForwardDefaultTemplate RSYSLOG_ForwardFormat

Re: [rsyslog] rsyslog as a SNMPtrap server ?

2012-02-10 Thread david
have it listening on the SNMP trap port and logging the message to syslog via the logger command, then mmsnmptrapd will reformat the message to make it far more useful. David Lang On Fri, 10 Feb 2012, Michael Maymann wrote: Hi, Rainer: thanks for your reply. Can't this module do the

Re: [rsyslog] rsyslog tarball

2012-02-13 Thread david
Rainer, while you are looking in this area, a bug I ran into a while ago that I don't remember seeing a fix for is that if you start rsyslog with the -x flag fromhost-ip doesn't get populated (the IP address is in fromhost) David Lang On Mon, 13 Feb 2012, Rainer Gerh

Re: [rsyslog] rsyslog tarball

2012-02-13 Thread david
nment. So this situation wouldn't be possible neither if it is legacy syslog or rsyslog - am I right ? yes, fromhost-ip is taken from the IP header, so it should record the IP of any remote machine. If it's not doing so it's a bug. David Lang Rainer: Are you able to see, from t

Re: [rsyslog] Is this compile error just a missing pkg

2012-02-16 Thread david
ve it installed, it could be that the rsyslog build is looking in the wrong place, see if you have gcrypt.h anywhere on your system. David Lang On Thu, 16 Feb 2012, Harry Putnam wrote: Compiling rsyslog-5.8.7 on gentoo linux, the build ends with an error involving a missing gcrypt.h file. Hope its no

Re: [rsyslog] Log Storm

2012-02-20 Thread david
imits, it may do so a LOT) David Lang On Mon, 20 Feb 2012, Jeff Poling wrote: Seems to be duplicates of normal logs. I saved a couple of the logs and they include entries all from the same time down to the seconds. Jeff Jeffrey Poling System Administrator | Information Systems Moody

[rsyslog] build problems on debian 5

2012-02-21 Thread david
], [m4_define([AM_SILENT_RULES],[])]) this seems to work. In addition, libestr was unhappy that I didn't have a install-sh in the path, creating a link the /usr/bin/install works (it had to be install-sh, if I made the link install.sh it complained that that is obsolete and should not be used) David

Re: [rsyslog] build problems on debian 5

2012-02-21 Thread david
rsyslog configure didn't detect that I was missing yacc on my system. David Lang On Tue, 21 Feb 2012, da...@lang.hm wrote: Date: Tue, 21 Feb 2012 14:28:20 -0800 (PST) From: da...@lang.hm To: rsyslog-users Subject: build problems on debian 5 building libee, libestr, and liblognorm

[rsyslog] rsyslog build error

2012-02-21 Thread david
building 6.3.7 on debian 5 I was able to build 6.2.0 without a problem David Lang make[2]: Leaving directory `/usr/src/rsyslog/runtime' Making all in grammar make[2]: Entering directory `/usr/src/rsyslog/grammar' /bin/sh ../ylwrap grammar.y y.tab.c grammar.c y.tab.h grammar.

Re: [rsyslog] build problems on debian 5

2012-02-21 Thread david
should upgrade anyway :-) I will, but such an upgrade takes time. David Lang

Re: [rsyslog] howto anonymise logs

2012-02-21 Thread david
fter the e-mail address) you really may be better off doing this in a separate program, do something like have rsyslog write the log to a temporary location, then run it through sed to 'fix' e-mail addresses and put the result in the final location. David Lang

Re: [rsyslog] Persistent connections from client

2012-02-22 Thread david
, it should be trivial. I don't believe that there is any way to have it not keep the connection open. David Lang

Re: [rsyslog] DNS lookups in rsyslog v5

2012-02-22 Thread david
ing two copies of rsyslog, one with DNS disabled and one with it enabled. you don't even need to forward from one to the other in your case. David Lang

Re: [rsyslog] rsyslog build error

2012-02-25 Thread david
do you have any modified version for me to test? David Lang On Sat, 25 Feb 2012, Rainer Gerhards wrote: This looks like a problem with flex/bison, but I have to admit I don't see any message that points me to where the problem could be... Rainer -Original Message- From: rs

Re: [rsyslog] rsyslog build error

2012-02-26 Thread david
Ok, I'll just stick with 6.2 for now. David Lang On Sun, 26 Feb 2012, Rainer Gerhards wrote: Date: Sun, 26 Feb 2012 10:05:07 +0100 From: Rainer Gerhards Reply-To: rsyslog-users To: rsyslog@lists.adiscon.com Subject: Re: [rsyslog] rsyslog build error Unfortunately not, as i do not know

Re: [rsyslog] Port based filtering

2012-02-27 Thread david
le ? you can't do that, but I think you can use rulesets to do what you are wanting. define a separate ruleset for each listening port and put the rules for that port inside that ruleset. David Lang

Re: [rsyslog] finally: rsyslog agent for Windows available!

2012-03-05 Thread david
One thing I am missing from the product page you link to from your blog is what the per-host pricing is for this. David Lang On Mon, 5 Mar 2012, Rainer Gerhards wrote: Date: Mon, 5 Mar 2012 18:27:28 +0100 From: Rainer Gerhards Reply-To: rsyslog-users To: rsyslog-users Subject: [rsyslog
