Versions Compared

Old Version 21

changes.mady.by.user Elena Kornilova

Saved on

compared with

New Version 22

changes.mady.by.user Ksenia Babych

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.



Html
<div id="fb-root"></div>
<script>(function(d, s, id) {
  var js, fjs = d.getElementsByTagName(s)[0];
  if (d.getElementById(id)) return;
  js = d.createElement(s); js.id = id;
  js.src = 'https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.11';
  fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));</script>

...

Info

The following Admin Guide describes how enable Remote Syslog and explains its basic configuration.

Created: March 2018

WMS version: 3.88

Permalink: https://confluence.wildix.com/x/aQc8AQ


Table of Contents

Background

Rsyslog is the system for log processing. It can deliver over one million messages per second to local destinations when limited processing is applied. Rsyslog can be able to accept inputs from a wide variety of sources, transform them, and output to the results to diverse destinations.

Configuration

To enable remote syslog, go to WMS Settings -> System -> Remote syslog and check the box "Enabled".

...

Directory /rw2/etc/rsyslogd/ is a symlink for /etc/rsyslog.d/.

Messages filter

Syslog messages can be filtered based on two conditions: facility and priority separated by a dot. You can create your own filters or use the default ones (see below):

  • FACILITY specifies the subsystem that produces a specific syslog message. For example, the mail subsystem handles all mail-related syslog messages. FACILITY can be represented by one of the following keywords (or by a numerical code): kern(0), user (1), mail (2), daemon (3), auth (4), syslog (5), lpr (6), news (7), uucp (8), cron (9), authpriv (10), ftp (11), and local0 through local7 (16 - 23)

...

  • *.* - all messages will be sent
  • *.=error - only error messages will be sent
  • *.=warn - only warnings will be sent
  • *.=info - only info messages will be sent

Messages format

Messages format is specified with the help of templates. Templates allow to specify any format a user might want. They are also used for dynamic file name generation. Every output in rsyslog uses templates - this holds true for files, user messages and so on. 

...

  • Forward (RSYSLOG_ForwardFormat) - a new high-precision forwarding format very similar to the traditional one, but with high-precision timestamps and timezone information. Recommended to be used when sending messages to rsyslog 3.12.5 or above
  • Traditional Forward (RSYSLOG_TraditionalForwardFormat) - the traditional forwarding format with low-precision timestamps. Most useful if you send messages to other syslogd’s or rsyslogd below version 3.12.5
  • Syslog protocol 23 (RSYSLOG_SyslogProtocol23Format) - the format specified in IETF’s internet-draft ietf-syslog-protocol-23, which is very close to the actual syslog standard RFC5424. This format includes several improvements. You may use this format with all relatively recent versions of rsyslog or syslogd

Server transport and Server destination

Choose one of the transport protocols to deliver messages to rsyslog based on your network configuration:

...

Enter the IP address of remote server and port where all the messages will be sent.

Appendix 1. How to debug rsyslog traffic

In this Appendix you can find tips on how to debug received rsyslog traffic.

...