[rsyslog-notify] Forum Thread: Config file with RainerScript & RELP - (Mode 'post')
noreply at adiscon.com
noreply at adiscon.com
Tue Aug 12 11:08:51 CEST 2014
User: AirOnSkin
Forumlink: http://kb.monitorware.com/viewtopic.php?p=24824#p24824
Message:
----------
Hello guys
I need a little help. I've been searching the web and reading
tutorials/guids/docs but I'm still confused...
My goal: Setup remote logging for a large number of clients with one
cerntral server using RELP (with TLS) and configuring the clients & the
server so the file structure on the server will look similar to the
standard config on the clients
(/var/syslog/%HOSTNAME%/%YEAR%/%MONTH%/.../{message,maillog,secure,...} or
similar to that).
I would like to only use RainerScript for the config files. The current
standard config file however has a lot of legacy format directives. A lot
of the docs/guides mix up both formats which confuses me a lot, or they
write everything a server sends into a single file which I don't want.
I've also found the online tool to create configurations, but the config
file I get there is so small that I'm not sure if it's enough. I've managed
to get the following for the client config:
[code:38fv8tmo]
# http://www.rsyslog.com/rsyslog-configuration-builder/
# Default Settings
# Load Modules
module(load="omrelp")
# rsyslog Templates
# rsyslog Input Modules
# rsyslog RuleSets
# Default RuleSet
action(type="omrelp"
target="192.168.0.100"
port="2514"
tls="1"
template="template(name=\"forwardFormat\" type=\"string\"
string=\"<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME%
%syslogtag:1:32%%msg:::sp-if-no-1st-sp%%msg%\"
)")
[/code:38fv8tmo]
On the server I've configured the module like this:
[code:38fv8tmo]
# RELP module
module(load="imrelp")
input(type="imrelp" port="2514")
[/code:38fv8tmo]
I understand how the loading of modules work and that the clients need the
output module for RELP and the server the input module. That should work.
But I have no idea to configure the client to send all it's logfiles to a
remote server using RainerScript, and the server to write these files to a
specifig, hostname/year/month dynamic directory while keeping the
separation between logfiles intact.
Would anyone be able to help me with that? I'd really appreciate it.
Thanks in advance.
Stefan
More information about the rsyslog-notify
mailing list