Rsyslog is a log proccessing framework optimized for performance and throughput. It has a modular design, and offers great security features. It evolved from a regular syslogd into a log message distribution and transformation system for different targets. It's multi-threaded, works atop TCP, SSL, TLS, RELP, can use MySQL, PostgreSQL, Oracle and other databases, filter syslog messages even partially, provides a configurable output format, and has been tested with enterprise-class relay chains.
Homepage
Download
Recent Releases
8.9.007 Apr 2015 21:47
major bugfix:
Omprog: add option "hup.forward" to forwards HUP to external plugins.
Imuxsock: added capability to use regular parser chain.
Previously, this was a fixed format, that was known to be spoken on
the system log socket.
0mq: improvements in input and output modules
Imtcp: add support for ip based bind for imtcp - param "address"
Bugfix: MsgDeserialize out of sync with MsgSerialize for StrucData.
Bugfix imfile: partial data loss, especially in readMode != 0.
Bugfix: potential large memory consumption with failed actions.
Bbugfix: omudpspoof: invalid default send template in RainerScript format
The file format template was used, which obviously does not work for
forwarding.
Bugfix: size-based legacy config statements did not work properly
on some platforms, they were incorrectly handled, resulting in all
sorts of "interesting" effects (up to segfault on startup).
Build system: added option --without-valgrind-testbench which provides the capability to either enforce or turn off valgrind use inside the testbench.
Rsyslogd: fix misleading typos in error messages
8.7.010 Dec 2014 03:45
bugfix:
BSD "ntp" facility is now also supported in filter
Thanks to Douglas K. Rand of Iteris, Inc. for the patch.
Note: this patch was released under ASL 2.0 .
bugfix: global was not respected in all modules
bugfix: emit correct error message on config-file-not-found
closes https://github.com/rsyslog/rsyslog/issues/173
8.6.005 Dec 2014 22:05
bugfix:
NOTE: This version also incorporates all changes and enhancements made for
v8.5.0, but in a stable release. For details see immediately below.
configuration-setting rsyslogd command line options deprecated
For most of them, there are now proper configuration objects. Some few
will be completely dropped if nobody insists on them. Additional info at
http://blog.gerhards.net/2014/11/phasing-out-legacy-command-line-options.html
new and enhanced plugins for 0mq. These are currently experimantal.
Thanks to Brian Knox who contributed the modules and is their author.
empty rulesets have been permitted. They no longer raise a syntax error.
add parameter -N3 to enable config check of partial config file
Use for config include files. Disables checking if any action exists at
all.
rsyslogd -e option has finally been removed
It is deprectated since many years.
testbench improvements
Testbench is now more robust and has additional tests.
testbench is now by default disabled
To enable it, use --enable-testbench. This was done as the testbench now
does better checking if required modules are present and this in turn
would lead to configure error messages where non previously were if we
would leave --enable-testbench on by default. Thus we have turned it off.
This should not be an issue for those few testbench users.
add new RainerScript functions warp and replace
Thanks to Singh Janmejay for the patch.
mmnormalize can now also work on a variable
Thanks to Singh Janmejay for the patch.
new property date options for day ordinal and week number
Thanks to github user arrjay for the patch
remove --enable-zlib configure option, we always require it
It's hard to envision a system without zlib, so we turn this off
closes https://github.com/rsyslog/rsyslog/issues/76
slight source-tree restructuring: contributed modules are now in their
own ./contrib directory. The idea is to make it clearer to the end user
which plugins are supported by the rsyslog project .
bugfix: imudp makes rsyslog han
8.4.101 Oct 2014 03:34
minor bugfix:
- imudp: add for bracketing mode, which makes parsing stats easier
- permit at-sign in variable names
closes: https://github.com/rsyslog/rsyslog/issues/110
- bugfix: fix syntax error in anon_cc_numbers.py script
Thanks to github user anthcourtney for the patch.
closes: https://github.com/rsyslog/rsyslog/issues/109
- bugfix: ompgsql: don't loose uncomitted data on retry
Thanks to Jared Johnson and Axel Rau for the patch.
- bugfix: imfile: if a state file for a different file name was set,
that different file (name) was monitored instead of the configured
one. Now, the state file is deleted and the correct file monitored.
closes: https://github.com/rsyslog/rsyslog/issues/103
- bugfix: omudpspoof: source port was invalid
Thanks to Pavel Levshin for the patch
- bugfix: build failure on systems which don't have json_tokener_errors
Older versions of json-c need to use a different API (which don't exists
on newer versions, unfortunately...)
Thanks to Thomas D. for reporting this problem.
- bugfix: omelasticsearch does not work with broken/changed ES 1.0+ API
closes: https://github.com/rsyslog/rsyslog/issues/104
- bugfix: mmanon did not properly anonymize IP addresses starting with '9'
Thanks to defa-at-so36.net for reporting this problem.
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=529
- bugfix: build problems on SuSe Linux
Thanks Andreas Stieger for the patch
- bugfix: omelasticsearch error file did not work correctly on ES 1.0+
due to a breaking change in the ElasticSearch API.
see also: https://github.com/rsyslog/rsyslog/issues/104
- bugfix: potential abort when a message with PRI 191 was processed
if the "pri-text" property was used in active templates, this could
be abused to a remote denial of service from permitted senders
see also: CVE-2014-3634
8.3.505 Aug 2014 22:22
minor bugfix:
Now emits an error message via regular syslog() if loading the binary fails after forking.
A couple of patches were imported from v7-stable (7.6.4).