rsyslogd Command Examples in Linux

The syslogd service is the original syslog service on Linux. The rsyslogd service makes several improvements, including support for:

  • TCP instead of UDP as the transport protocol, increasing the reliability of transmitted data.
  • Data encryption using SSL/TLS.
  • Outputting data to various database technologies like MySQL.
  • Buffering data on local systems when the remote receiver is not ready to accept it.
  • Filtering data based on content.

In addition, rsyslogd maintains the same basic configuration format as its predecessor, so it is backward compatible in that sense.

The /etc/rsyslog.conf file

The /etc/rsyslog.conf file is the configuration file for the rsyslogd service. This file determines how to handle syslog messages through a variety of rules that you can modify as needed.

The file takes a two-column format. The first column lists message facilities and/or severities. Severities are defined in word format rather than as numbers 0–7. The second column defines what actions should be taken for messages that correspond to the facility and/or severity. Actions include which file to write the message to; which users to print the message to if they are logged in to a terminal; and which remote hosts to forward the message to.

The syslog-ng Service

The syslog-ng service is another replacement for the older syslogd service. Although it offers similar functionality to rsyslogd, syslog-ng has its own syntax.

rsyslogd Command Examples

1. To start the rsyslog service:

# rsyslogd 

2. To suppress the warnings:

# rsyslogd -w 

3. To disable the DNS for remote messaging:

# rsyslogd -x 

4. To send UDP messages to all the targets:

# rsyslogd -A 

5. To causes rsyslogd to listen to IPv4 addresses only:

# rsyslogd -4 

6. To causes rsyslogd to listen to IPv6 addresses only:

# rsyslogd -6 

7. To selects the desired backward compatibility mode:

# rsyslogd -c 4.2 

8. To turn on the debug mode:

# rsyslogd -d 

9. To specify the alernative configuration file:

# rsyslogd -f /etc/file 

10. To specify the alternate pid file:

# rsyslogd -i /var/ 

11. To specify the hostnames to be logged:

# rsyslogd -l myhost.net 

12. To avoid auto-backgrounding:

# rsyslogd -n 

13. To do a config check:

# rsyslogd -N 1 

14. To specify a domainname that should be stripped off before logging:

# rsyslogd -s .net 

15. To print the version:

# rsyslogd -v 
Related Post