Using Rsyslog to send application logs to syslog server

linux rsyslog
19,262

Solution 1

rsyslog has support for reading from a file. This is done with the imfile module. You need the following config:

module(load="imfile" PollingInterval="10") #needs to be done just once
# needs to be done for each file you want to watch
input(type="imfile" File="/path/to/file1" 
     Tag="tag1" 
      StateFile="statefile1" 
      Severity="error" 
      Facility="local7")

There's more information at the rsyslog documentation site

Solution 2

You can always use the old syntax:

eg. /etc/rsyslog.d/11-your-file.conf

$ModLoad imfile
$InputFileName  /app/your-file.log 
$InputFileTag   your-tag
$InputFileStateFile     your-tag 
$InputFileSeverity      info
$InputFileFacility      local7 
$InputRunFileMonitor
$InputFilePersistStateInterval 1000 
local7.*  @@remote-rsyslog-server:port
Share:
19,262

Related videos on Youtube

Author by

Lego

Updated on September 18, 2022

Comments

  • Lego about 1 year

    I'm trying to setup my rsyslog to send logs generated by an application under /opt/appname/logs to a remote syslog server. I have already configured rsyslog to send OS level logs but wanted to see if it can also send logs of an application. I'm not sure if IncludeConfig directive works as it looks for another *.conf file.

    • MadHatter
      MadHatter almost 10 years
      Does the application do its logging via syslog?
    • Lego almost 10 years
      I don't think so. This is a tomcat based application and dumps logs to a directory. I wanted them to be fed to a SIEM based application so that we see ALL of them on a central console.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Haproxy not logging with rsyslog
Configuring SELINUX to allow logging to a file that's outside /var/log
How can I send non-default log files to remote rsyslog server?
rsyslog: Log some messages only to specific file
Forward Windows Events Logs to Rsyslog
System logs are empty (/var/log/messages; /var/log/secure; etc)
rsyslog does not write remote messsages to log file from specific host
rsyslog: How do I direct messages from all remote machines to one file?
Journalctl and syslog: How does it actually work?
rsyslog not logging messages