Welcome to Rsyslog

Rsyslog is a rocket-fast system for log processing. It offers high-performance, great security features and a modular design. While it started as a regular syslogd, rsyslog has evolved into a kind of swiss army knife of logging, being able to

• accept inputs from a wide variety of sources,

• transform them,

• and output the results to diverse destinations.

Rsyslog has a strong enterprise focus but also scales down to small systems. It supports, among others, MariaDB/MySQL, PostgreSQL, failover log destinations, ElasticSearch, syslog/tcp transport, fine grain output format control, high precision timestamps, queued operations and the ability to filter on any message part.

Manual

• Installation
  • Installing rsyslog from Package
  • Using Rsyslog Docker Containers
  • Installing rsyslog from Source
  • Installing rsyslog from the source repository
• Configuration
  • Configuration Formats
  • Converting older formats to advanced
  • sysklogd format
  • Basic Structure
  • Templates
  • rsyslog Properties
  • The Property Replacer
  • Filter Conditions
  • RainerScript
  • Actions
  • Input
  • Parser
  • timezone
  • Examples
  • Legacy Configuration Directives
  • rsyslog statistic counter
  • Modules
  • Output Channels
  • Dropping privileges in rsyslog
  • Notes on IPv6 Handling in Rsyslog
  • libgcrypt Log Crypto Provider (gcry)
  • libossl Log Crypto Provider (ossl)
  • Dynamic Stats
  • Lookup Tables
  • Percentile Stats
• rsyslog and containers
  • Container-Features
  • docker specifics
• Troubleshooting
  • Typical Problems
  • General Procedure
• FAQ
  • FAQ: some general topics often asked
  • What is the difference between the main_queue and a queue with a ruleset tied to an input?
  • FAQ: Encrypting MySQL Traffic with ommysql Plugin
• Concepts
  • Understanding rsyslog Queues
  • The Janitor Process
  • Message parsers in rsyslog
  • Multiple Rulesets in rsyslog
  • NetStream Drivers
• Example Use Cases
  • Receiving massive amounts of messages with high performance
• Tutorials
  • Encrypting Syslog Traffic with TLS (SSL)
  • Encrypting Syslog Traffic with TLS (SSL) [short version]
  • Writing syslog messages to MariaDB, MySQL, PostgreSQL or any other supported Database
  • Handling a massive syslog database insert rate with Rsyslog
  • Reliable Forwarding of syslog Messages with Rsyslog
  • Recording the Priority of Syslog Messages
  • Failover Syslog Server
  • Log rotation with rsyslog
  • GELF forwarding in rsyslog
  • Log Sampling
  • Random sampling
  • Hash-based Sampling
• Development
  • The rsyslog config data model
  • Objects
  • Debugging
  • rsyslog code style
  • Writing Rsyslog Output Plugins
  • The rsyslog queue object
  • writing rsyslog tests
  • Generic design of a syslogd
• Historical Documents
  • Using php-syslog-ng with rsyslog
  • SSL Encrypting Syslog with Stunnel
  • Legacy Format Samples for Multiple Rulesets
  • Developing rsyslog modules (outdated)

Reference

• RSyslog - History
• Licensing
• How you can Help
• Community Resources
• RSyslog - Features
• Proposals
• Rsyslog Whitepapers
• Free Services for Rsyslog
• Compatibility

Sponsors and Community

Please visit the rsyslog Sponsor’s Page to honor the project sponsors or become one yourself! We are very grateful for any help towards the project goals.

If you like rsyslog, you might want to lend us a helping hand. It doesn’t require a lot of time - even a single mouse click helps. Learn How you can Help.

Contributing to the docs

This documentation is hosted on github. If you find something to be improved, please feel free to fork and file a patch request with your improvements. There is also a Button ‘Edit in GitHub’ on every documentation page beginning with the main docs page that allows easy access.

See also

Help with configuring/using Rsyslog:

• Mailing list - best route for general questions

• GitHub: rsyslog source project - detailed questions, reporting issues that are believed to be bugs with Rsyslog

See also

Contributing to Rsyslog:

• Source project: rsyslog project README.

• Documentation: rsyslog-doc project README

Copyright 2008-2023 Rainer Gerhards (Großrinderfeld), and Others.