• v7.1.1
    • v7.11.0 (latest)
    • v7.10.0
    • v7.9.0
    • v7.8.0
    • v7.7.0
    • v7.6.0
    • v7.5.0
    • v7.3.0
    • v7.2.0
    • v7.1.1
    • v7.1.0
    • v7.0.8
  • Services & Support
  • Devo.com
  • Contact
    • Contact Us
    • Request a Demo
    • Partner Inquiry
  • Log In
    • USA Devo
    • EU Devo
PREVIOUS
Third-party syslog tools configuration
NEXT
Simple sending using rsyslog

Sending data to Devo / Event sources / Unix-like machines / Third-party syslog tools configuration / rsyslog

Download as PDF

rsyslog

Overview

Rsyslog is the default syslog package that is used in the primary Linux distributions today. It consists of a main configuration file (/etc/rsyslog.conf) and a directory (/etc/rsyslog.d/) where other configuration files containing rules for rsyslog processing are stored.

Rsyslog (version 3.19.0 and later) can establish secure channels using SSL/TLS at three possible levels:

  • Encryption only
  • Encryption + SSL certificate
  • Encrypted channel + SSL certificate + client certificate authentication

When using rsyslog to forward events to relay, it is not necessary to establish a secure channel. However, if you want to use rsyslog to forward events directly to your domain in the Devo Cloud, it is necessary to establish a fully secure channel.

In either case, you need to create configuration files that tell rsyslog where to monitor log files on the machine and how to tag and forward the associated events to the Devo endpoint.

Tip

For the primary Linux distributions, the configuration packages will help you set up the forwarding of basic OS system log events to the Devo endpoint. However, if you want to send application log events, you will need to manually edit the syslog configuration files.

Known issues

  • SSL/TLS not working in Ubuntu 12 
  • Outdated version of rsyslog in Debian 5.x (Lenny) 
  • Upgrade from syslog-ng to rsyslog in CentOS 5 
  • On some Fedora and RHEL systems, logs cannot be sent due to SELinux settings

Related articles

  • Simple sending using rsyslog
  • Secure sending using rsyslog
  • Monitoring files using rsyslog
  • Obsolete legacy format

Download as PDF

PREVIOUS
Third-party syslog tools configuration
NEXT
Simple sending using rsyslog

Export

See what Devo can do for you. Request a demo!
Discover what's new (Release notes)
  • v7.1.1
    • v7.11.0 (latest)
    • v7.10.0
    • v7.9.0
    • v7.8.0
    • v7.7.0
    • v7.6.0
    • v7.5.0
    • v7.3.0
    • v7.2.0
    • v7.1.1
    • v7.1.0
    • v7.0.8
  • Services & Support
  • Devo.com
  • Contact
    • Contact Us
    • Request a Demo
    • Partner Inquiry
  • Log In
    • USA Devo
    • EU Devo
  • +1 888 6830910 (USA)
  • +34 900 838 880 (Spain)
Copyright © 2019 Legal Terms Privacy Policy Cookies Policy

Powered by Confluence and Scroll Viewport