a Rocket-fast SYStem for LOG processing
Clone or download
Latest commit f748ff9 Nov 20, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github add GDPR legal notice to contributor doc Jun 1, 2018
compat correct codestyle in rsyslog part 2 Aug 1, 2018
contrib spelling: https Nov 14, 2018
devtools cleanup legacy shell code Nov 10, 2018
grammar config: fix segfault in backticks "echo" expansion of undefined varia… Nov 2, 2018
m4 ax_check_define macro file was missed, added that Dec 17, 2014
platform spelling: https Nov 14, 2018
plugins spelling: https Nov 14, 2018
runtime spelling: https Nov 14, 2018
solaris added some more useful info to Solaris README Mar 29, 2010
tests Merge pull request #3298 from jsoref/https Nov 20, 2018
tools spelling: https Nov 14, 2018
.codecov.yml CodeCov: permit slight drop of coverage but still go "OK" Oct 28, 2018
.gitignore omprog: fix forceSingleInstance flag Sep 9, 2018
.lgtm.yml Enable query results for commented-out code Oct 26, 2018
.shellcheck.yaml fix bad bash coding style and disable shellcheck false positives Oct 23, 2018
.travis.yml testbench: reproduce imkafka hang on unavailable kafaka server Oct 23, 2018
AUTHORS cleaned up AUTHORS file and references Jul 15, 2009
CONTRIBUTING.md add GDPR legal notice to contributor doc Jun 1, 2018
COPYING changed license to GPLv3 (for what is to become rsyslog v3) Dec 14, 2007
COPYING.ASL20 relicense parts under ASL 2.0 Jan 11, 2012
COPYING.LESSER changed some files to grant LGPLv3 extended persmissions on top of GPLv3 Apr 15, 2008
ChangeLog spelling: https Nov 14, 2018
IMFILE imfile: large refactoring of complete module Mar 22, 2018
KNOWN_ISSUES testbench: document problems with libfaketime 0.99.7 Dec 25, 2017
Makefile.am make distcheck did not honor "--enable-mysql-tests" Oct 31, 2018
NEWS upgrading to autotools build system - thank Peter Vrabec for patches and Jul 10, 2007
README fix file name change Dec 22, 2013
README.md spelling: https Nov 14, 2018
action.c SQUASH Oct 30, 2018
action.h cleanup: remove commented-out code Oct 27, 2018
autogen.sh cleanup legacy shell code Nov 10, 2018
configure.ac build system: don't link liblogging-stdlog when available but not ena… Nov 3, 2018
dirty.h correct codestyle in rsyslog Jul 31, 2018
outchannel.c SQUASH Oct 30, 2018
outchannel.h correct codestyle in rsyslog Jul 31, 2018
parse.c SQUASH Oct 30, 2018
parse.h correct codestyle in rsyslog Jul 31, 2018
pom.xml Add pom to package easily the java part with maven Feb 20, 2014
rsyslog.service.in spelling: https Nov 14, 2018
sample.conf spelling: https Nov 14, 2018
syslog-tst.conf Initial revision Nov 8, 2004
template.c SQUASH Oct 30, 2018
template.h cleanup: remove commented-out code Oct 27, 2018
threads.c SQUASH Oct 30, 2018
threads.h correct codestyle in rsyslog Jul 31, 2018

README.md

Rsyslog - what is it?

Help Contribute to Open Source Language Grade: C/C++ Total Alerts

Rsyslog is a rocket-fast system for log processing.

It offers high-performance, great security features and a modular design. While it started as a regular syslogd, rsyslog has evolved into a kind of swiss army knife of logging, being able to accept inputs from a wide variety of sources, transform them, and output to the results to diverse destinations.

Rsyslog can deliver over one million messages per second to local destinations when limited processing is applied (based on v7, December 2013). Even with remote destinations and more elaborate processing the performance is usually considered "stunning".

Mailing List

http://lists.adiscon.net/mailman/listinfo/rsyslog

Installing rsyslog

Most distributions carry rsyslog in their repository. So you usually just need to use the package manager to install it. Note that on non-systemd systems (most notably Ubuntu), rsyslog usually is already installed.

Project-Provided Packages

Unfortunately, distributions often do not catch up with the pace of rsyslog development and as such only offer old versions. To solve that problem, we have created packages for current versions ourselves.

They are available for:

Building from Source

Follow the instructions at: https://www.rsyslog.com/doc/build_from_repo.html

Build Environment

In general, you need

  • libestr
  • liblogging (stdlog component)

It is best to build these from source.

CentOS 6

For json-c, we need:

export PKG_CONFIG_PATH=/lib64/pkgconfig/
sudo yum install git valgrind autoconf automake flex bison python-docutils python-sphinx json-c-devel libuuid-devel libgcrypt-devel zlib-devel openssl-devel libcurl-devel gnutls-devel mysql-devel postgresql-devel libdbi-dbd-mysql libdbi-devel net-snmp-devel

Ubuntu

Add Adiscon repository:

apt-get update && apt-get install -y software-properties-common
add-apt-repository -y ppa:adiscon/v8-stable

Note: if you are a developer who wants to work with git master branch, adding the Adiscon repository is probably not a good idea. It then is better to also compile the supporting libraries from source, because newer versions of rsyslog may need newer versions of the libraries than there are in the repositories. Libraries in question are at least: libestr, liblognorm, libfastjson.

Needed packages to build with omhiredis support:

apt-get update && apt-get install -y build-essential pkg-config libestr-dev libfastjson-dev zlib1g-dev uuid-dev libgcrypt20-dev liblogging-stdlog-dev libhiredis-dev uuid-dev libgcrypt11-dev liblogging-stdlog-dev flex bison

Aditional packages for other modules:

libdbi-dev libmysqlclient-dev postgresql-client libpq-dev libnet-dev librdkafka-dev libgrok-dev libgrok1 libgrok-dev libpcre3-dev libtokyocabinet-dev libglib2.0-dev libmongo-client-dev

For KSI, from the Adiscon PPA:

sudo apt-get install libksi0 libksi-devel

openSUSE 13

sudo zypper install gcc make autoconf automake libtool libcurl-devel flex bison valgrind python-docutils libjson-devel uuid-devel libgcrypt-devel libgnutls-devel libmysqlclient-devel libdbi-devel libnet-devel postgresql-devel net-snmp-devellibuuid-devel libdbi-drivers-dbd-mysql

For the testbench VMs:

sudo zypper install gvim mutt

SUSE LINUX Enterprise Server 11

Available packages:

zypper install gcc make autoconf libtool flex bison

Missing packages:

libcurl-devel valgrind python-docutils uuid-devel libgcrypt-devel libgnutls-devel libmysqlclient-devel libdbi-devel postgresql-devel net-snmp-devel libdbi-drivers-dbd-mysql json-c zlib-dev libdbi

Reporting Bugs

Talk to the mailing list if you think something is a bug. Often, it's just a matter of doing some config trickery.

File bugs at: https://github.com/rsyslog/rsyslog/issues

How to Contribute

Contributions to rsyslog are very welcome. Fork and send us your Pull Requests.

For more information about contributing, see the CONTRIBUTING file.

Note that it is easy to add output plugins using languages like Python or Perl. So if you need to connect to a system which is not yet supported, you can easily do so via an external plugin. For more information see the README file in the external plugin directory.

Documentation

The main rsyslog documentation is available in HTML format. To read it, point your web browser to ./doc/manual.html. Alternatively, you can view the documentation for the most recent rsyslog version online at: https://www.rsyslog.com/doc/

Project Philosophy

We are an open source project in all aspects and very open to outside feedback and contribution. We base our work on standards and try to solve all real-world needs (of course, we occasionally fail tackling actually all needs ;)). While the project is primarily sponsored by Adiscon, technical development is independent from company goals and most decisions are solely based on mailing list discussion results. There is an active community around rsyslog.

There is no such thing like being an official member of the rsyslog team. The closest to that is being subscribed to the mailing list: http://lists.adiscon.net/mailman/listinfo/rsyslog

This method of open discussions is modelled after the IETF process, which is probably the best-known and most successive collaborative standards body.

Project Funding

Rsyslog's main sponsor Adiscon tries to fund rsyslog by selling custom development and support contracts. Adiscon does NOT license rsyslog under a commercial license (this is simply impossible for anyone due to rsyslog's license structure).

Any third party is obviously also free to offer custom development, support and rsyslog consulting. We gladly merge results of such third-party work into the main repository (assuming it matches the few essential things written down in our contribution policy).