Guides

• Newbie guide to RSYSLOG

• Installing RSYSLOG from RPM

• Sending messages with tags larger than 32 characters

• Using the syslog receiver module

• Using the Text File Input Module

Some core configs

This section contains some basics. Things, that are used ever and ever again. It also contains some more in-depth description of what rsyslog does and why. It is recommended to at least briefly read through this part before going to more complex scenarios.

• TLS secured syslog via RELP

• Action’s with directives

• Writing specific messages to a file and discarding them

• Sending Messages to a Remote Syslog Server

• Receiving Messages from a Remote System

• Using a different log Format for all Files

• Discarding unwanted messages

More complex scenarios

• RSYSLOG and ElasticSearch

• Parsing JSON (CEE) Logs and Sending them to Elasticsearch

• Using TLS with RELP

• Log normalization for different formats

• Using MongoDB with RSYSLOG and LogAnalyzer

• Normalizing Cisco ASA messages

• Receiving CEE enhanced syslog in RSYSLOG

• Storing and forwarding remote messages

• How to write to a local socket?

• Storing Messages from a Remote System into a specific File

• Integration with “standard” syslogd