He,YuanHui —— 业精于勤荒于嬉,行成于思毁于随

如果你喜欢一个事,又有这样的才干,那就把整个人都投入进去,就要象一把刀直扎下去直到刀柄一样,不要问为什么,也不要管会碰到什么。

  博客园 :: 首页 :: 博问 :: 闪存 :: 新随笔 :: 联系 :: 订阅 订阅 :: 管理 ::

rsyslog.conf configuration file

This document is currently being enhanced. Please pardon its current appearance.

Rsyslogd is configured via the rsyslog.conf file, typically found in /etc. By default, rsyslogd reads the file /etc/rsyslog.conf. This may be changed by a command line option.

Configuration file examples can be found in the rsyslog wiki.

There is also one sample file provided together with the documentation set. If you do not like to read, be sure to have at least a quick look at rsyslog-example.conf.

While rsyslogd contains enhancements over standard syslogd, efforts have been made to keep the configuration file as compatible as possible. While, for obvious reasons, enhanced features require a different config file syntax, rsyslogd should be able to work with a standard syslog.conf file. This is especially useful while you are migrating from syslogd to rsyslogd.

Modules

Lines

Lines can be continued by specifying a backslash ("\") as the last character of the line. There is a hard-coded maximum line length of 4K. If you need lines larger than that, you need to change compile-time settings inside rsyslog and recompile.

Configuration Directives

Basic Structure

Rsyslog supports standard sysklogd's configuration file format and extends it. So in general, you can take a "normal" syslog.conf and use it together with rsyslogd. It will understand everything. However, to use most of rsyslogd's unique features, you need to add extended configuration directives.

Rsyslogd supports the classical, selector-based rule lines. They are still at the heart of it and all actions are initiated via rule lines. A rule lines is any line not starting with a $ or the comment sign (#). Lines starting with $ carry rsyslog-specific directives.

Every rule line consists of two fields, a selector field and an action field. These two fields are separated by one or more spaces or tabs. The selector field specifies a pattern of facilities and priorities belonging to the specified action.

Lines starting with a hash mark ("#'') and empty lines are ignored.

Templates

Output Channels

Filter Conditions

Actions

Examples

Here you will find examples for templates and selector lines. I hope they are self-explanatory. If not, please see www.monitorware.com/rsyslog/ for advise.

Configuration File Syntax Differences

Rsyslogd uses a slightly different syntax for its configuration file than the original BSD sources. Originally all messages of a specific priority and above were forwarded to the log file. The modifiers "='', "!'' and "!-'' were added to make rsyslogd more flexible and to use it in a more intuitive manner.

The original BSD syslogd doesn't understand spaces as separators between the selector and the action field.

When compared to syslogd from sysklogd package, rsyslogd offers additionalfeatures (like template and database support). For obvious reasons, the syntax for defining such features is available in rsyslogd, only.

[back to top] [manual index] [rsyslog site]

This documentation is part of the rsyslog project.
Copyright © 2008,2009 by Rainer Gerhards and Adiscon. Released under the GNU GPL version 3 or higher.

posted on 2010-12-31 13:17  He,YuanHui  阅读(1095)  评论(0编辑  收藏  举报

Add to Google