Rsyslog

From Wikipedia, the free encyclopedia
Rsyslog
Original author(s)Rainer Gerhards
Stable release
8.2102.0 / February 16, 2021; 12 months ago (2021-02-16)[1]
Repository
Written inC
Operating systemUnix-like
TypeSystem logging
LicenseGNU General Public License v3
Websitewww.rsyslog.com Edit this at Wikidata

Rsyslog is an open-source software utility used on UNIX and Unix-like computer systems for forwarding log messages in an IP network. It implements the basic syslog protocol, extends it with content-based filtering, rich filtering capabilities, queued operations to handle offline outputs,[2] support for different module outputs,[3] flexible configuration options and adds features such as using TCP for transport.

The official RSYSLOG website defines the utility as "the rocket-fast system for log processing".[4]

Protocol[]

Rsyslog uses the standard BSD syslog protocol, specified in RFC 3164. As the text of RFC 3164 is an informational description and not a standard, various incompatible extensions of it emerged. Rsyslog supports many of these extensions. The format of relayed messages can be customized.

The most important extensions of the original protocol supported by rsyslog are:

  • ISO 8601 timestamp with millisecond granularity and time zone information
  • the addition of the name of relays in the host fields to make it possible to track the path a given message has traversed
  • reliable transport using TCP
  • support GSS-API and TLS
  • logging directly into various database engines.
  • support for RFC 5424, RFC 5425, RFC 5426
  • support for RELP
  • support for buffered operation modes where messages are buffered locally if the receiver is not ready
  • complete input/output support for systemd journal

History[]

The rsyslog project began in 2004, when Rainer Gerhards, the primary author of rsyslog, decided to write a new strong syslog daemon to compete with syslog-ng, because, according to the author, "A new major player will prevent monocultures and provide a rich freedom of choice."[5] Rainer Gerhards worked on rsyslog inside his own company, Adiscon GmbH.

Systems where Rsyslog works[]

rsyslog works on a number of Unix-like systems and Linux distributions, among others:[6]

  • Red Hat Enterprise Linux (from RHEL 5; March 2007)
  • Fedora (In November 2007, rsyslog has become the default syslogd for the Fedora project) Fedora was the first major distribution to adopt this software; however, since Fedora 20 "Heisenbug" (released on December 17, 2013) the default syslog has been replaced by journald.
  • Debian (As of Debian 5.0, rsyslog has become the default syslog;[7] February 2009)
  • Ubuntu
  • openSUSE (default since 11.2; November 2009)
  • SUSE Linux Enterprise Server (from SLES 11 SP 2;[8] February 2012)
  • GNU Hurd
  • Solaris
  • FreeBSD[9]
  • Gentoo[10]
  • Arch Linux[11]
  • NetBSD[12]

Related RFCs and working groups[]

See also[]

References[]

  1. ^ "ChangeLog". 15 February 2021. Retrieved 19 February 2021 – via GitHub.
  2. ^ "Rsyslog.conf(5) - Linux manual page".
  3. ^ "RSyslog Documentation".
  4. ^ "rsyslog". rsyslog.com. Retrieved 2014-09-25. RSYSLOG is the rocket-fast system for log processing.
  5. ^ "Why does the world need another syslog?". August 12, 2007. Retrieved October 31, 2018.
  6. ^ "Platforms". Retrieved June 7, 2009.
  7. ^ "Debian 5.0 release notes". February 14, 2009. Retrieved February 16, 2009. The package rsyslog takes over as default system and kernel logging daemon for Debian 5.0, replacing syslogd and klogd.
  8. ^ "Release Notes for SUSE Linux Enterprise Server 11 Service Pack 2". Retrieved August 3, 2012. syslog-ng will be replaced with rsyslog
  9. ^ https://www.freshports.org/sysutils/rsyslog8
  10. ^ https://packages.gentoo.org/packages/app-admin/rsyslog
  11. ^ https://wiki.archlinux.org/index.php/Rsyslog
  12. ^ http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/sysutils/rsyslog

External links[]

Retrieved from ""