Help
Add this page to your book
Show book (0 pages)
Suggest pagesRsyslog
 |
This article may be too technical for most readers to understand. Please help improve this article to make it understandable to non-experts, without removing the technical details. The talk page may contain suggestions. (July 2008) |
| Original author(s) | Rainer Gerhards |
|---|---|
| Stable release | 5.8.2 / June 21, 2011 |
| Preview release | 6.1.2 / December 16, 2010 |
| Written in | C |
| Operating system | Unix-like |
| Type | System logging |
| License | GNU General Public License v3 |
| Website | http://www.rsyslog.com/ |
Rsyslog is an open source software utility used on UNIX and Unix-like computer systems for forwarding log messages in an IP network. It implements the basic syslog protocol, extends it with content-based filtering, rich filtering capabilities, flexible configuration options and adds important features such as using TCP for transport.
Contents |
[edit] Protocol
Rsyslog uses the quasi-standard BSD syslog protocol, specified in RFC 3164. As the text of RFC 3164 is just a vague informational description and not a standard, various incompatible extensions of it emerged. Rsyslog supports many of these extensions. The format of relayed messages can be customized.
The most important extensions of the original protocol supported by rsyslog are:
- ISO 8601 timestamp with millisecond granularity and timezone information
- the addition of the name of relays in the host fields to make it possible to track the path a given message has traversed
- reliable transport using TCP
- support GSS-API and TLS
- logging directly into various database engines.
- support for the upcoming new IETF syslog RFC series
- support for buffered operation modes where messages are buffered locally if the receiver is not ready
[edit] History
The rsyslog project began in 2004, when Rainer Gerhards, the primary author of rsyslog, decided to write a new strong syslog daemon to compete with syslog-ng, because; and according to the author "A new major player will prevent monocultures and provide a rich freedom of choice."[1] Rainer Gerhards worked on rsyslog inside his own company, Adiscon GmbH.
[edit] Distributions
rsyslog is available for a number of Unix systems and Linux distributions, among others:[2]
- Fedora (In November 2007, rsyslog has become the default syslogd for the Fedora project) Fedora was the first major distribution to adopt this software.
- openSUSE (default since 11.2; November 2009)
- Debian GNU/Linux (As of Debian 5.0, rsyslog has become the default syslog[3])
- Ubuntu
- Red Hat Enterprise Linux (from RHEL 5)
- Solaris
- FreeBSD
- OpenBSD
- Gentoo
- Arch Linux
[edit] Related RFCs and working groups
- RFC 3164 - The BSD syslog Protocol (obsoleted by RFC 5424)
- RFC 5424 - The Syslog Protocol (obsoletes RFC 3164)
- RFC 5425 - Transport Layer Security Mapping for Syslog
- RFC 5426 - Transmission of Syslog Messages over UDP
[edit] References
- ^ "Why does the world need another syslog?". August 12, 2007. http://blog.gerhards.net/2007/08/why-does-world-need-another-syslogd.html. Retrieved June 7, 2009.
- ^ "Platforms". http://wiki.rsyslog.com/index.php/Platforms. Retrieved June 7, 2009.
- ^ "Debian 5.0 release notes". February 14, 2009. http://www.debian.org/releases/lenny/i386/release-notes/ch-whats-new.en.html#system-changes. Retrieved February 16, 2009. "The package rsyslog takes over as default system and kernel logging daemon for Debian 5.0, replacing syslogd and klogd."
