[rsyslog-notify] Forum Thread: rsyslog error ! - (Mode 'edit_topic')

[noreply at adiscon.com]

User: lee62817 
Forumlink: http://kb.monitorware.com/viewtopic.php?p=25601#p25601

Message: 
----------
my rsylog do not  send log to loganalyzer today

i restart rsyslog service  and got error at loanalyzer


[img:3285st1y]http://i62.photobucket.com/albums/h118/lee62817/error1_zpswsl7hzgz.jpg[/img:3285st1y]


[img:3285st1y]http://i62.photobucket.com/albums/h118/lee62817/error2_zpscyirxefc.jpg[/img:3285st1y]


[img:3285st1y]http://i62.photobucket.com/albums/h118/lee62817/error3_zpsstx41rq1.jpg[/img:3285st1y]


my os:centos 7
rsyslogd -version
rsyslogd 7.6.7, compiled with:
        FEATURE_REGEXP:                         Yes
        GSSAPI Kerberos 5 support:              Yes
        FEATURE_DEBUG (debug build, slow code): No
        32bit Atomic operations supported:      Yes
        64bit Atomic operations supported:      Yes
        Runtime Instrumentation (slow code):    No
        uuid support:                           Yes
        Number of Bits in RainerScript integers: 64

my rsyslog.conf

$template insertpl,"insert into SystemEvents (Message, Facility, FromHost,
FromIP, Priority, DeviceReportedTime, ReceivedAt, InfoUnitID, SysLogTag)
values ('%msg%', %syslogfacility%, '%HOSTNAME%', '%fromhost-ip%',
%syslogpriority%, '%timereported:::date-mysql%',
'%timegenerated:::date-mysql%', %iut%, '%syslogtag%')",SQL

$template stdmsg,"%timereported% %hostname% %fromhost-ip%
%syslogtag%%$!msg:::sp-if-no-1st-sp%%msg%\n"

#### MODULES ####
$ModLoad ommysql
*.*:ommysql:localhost,Syslog,rsyslog,xxxxxxxxxxx;insertpl
# The imjournal module bellow is now used as a message source instead of
imuxsock.
$ModLoad imuxsock
$ModLoad imjournal
$ModLoad immark
$ModLoad imudp
$UDPServerRun 514
$ModLoad imtcp
$InputTCPServerRun 514

$ModLoad omfwd
*.* @@10.5.1.111:5514;stdmsg
#### GLOBAL DIRECTIVES ####

# Where to place auxiliary files
$WorkDirectory /var/lib/rsyslog

# Use default timestamp format
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

# File syncing capability is disabled by default. This feature is usually
not required,
# not useful and an extreme performance hit
#$ActionFileEnableSync on

# Include all config files in /etc/rsyslog.d/
$IncludeConfig /etc/rsyslog.d/*.conf

# Turn off message reception via local log socket;
# local messages are retrieved through imjournal now.
$OmitLocalLogging on

# File to store the position in the journal
$IMJournalStateFile imjournal.state


#### RULES ####

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages

# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  -/var/log/maillog


# Log cron stuff
cron.*                                                  /var/log/cron

# Everybody gets emergency messages
*.emerg                                                 :omusrmsg:*

# Save news errors of level crit and higher in a special file.
uucp,news.crit                                          /var/log/spooler

# Save boot messages also to boot.log
local7.*                                                /var/log/boot.log


how can i enable debug mode  and fix the error


please help me

tks!