Skip to main content

Rsyslog Properties

To use Rsyslog well, it is essential to create a template that fits the desired output format, and this is an essential function of Rsyslog. We will deal with the detailed template later, and first of all, let's see what a template is.

The main contents introduced in the Rsyslog document are as follows.
  • Key Feature of Rsyslog
  • It makes the format the user wants.
  • It dynamically creates a file.
  • Provides a customizing function to database users by using appropriate SQL.

Template Example

template(name="tpl1" type="list") {
constant(value="Syslog MSG is: '")
property(name="msg")
constant(value="', ")
property(name="timereported" dateFormat="rfc3339" caseConversion="lower")
constant(value="\n")
}








If you define a template as above, you can output a specific log accordingly. However, to define a template, you need to know the properties used in Rsyslog. In this post, I will try to summarize Rsyslog properties.

Properties

Description

msg 

message part of rsyslog

fromhost 

hostname of the system to transmit

fromhost-ip

same as hostname but IP address

syslogtag

Syslog Messasge TAG 

programname

Static part of tag defined in BSD syslogd

pri

PRI value of syslog message

syslogfacility

facility of syslog message

syslogfacility-text

Syslog Message's facility text form

syslogseverity

Syslog Message's sverity numerical form

syslogseverity-text

Syslog Message's severity text form

timegenerated

timestamp of received time 

timereported   

timestamp of reported time

timestamp

same of timereported

app-name

APP-NAME field defined in IETF draft draft-ietf-syslog-protocol

You will mainly write templates by using the above Properties. Next, let's create a template with an example.
Labels:

Comments

Post a Comment

Popular posts from this blog

What is NMS and EMS

First of all, NMS is an abbreviation for Network Management System, and EMS is an abbreviation for Element Management System. TMN, a very old standard document, describes the two as concepts such as NM, EM, and NE. We will look at the relevant standard documents when there is an opportunity in the future, and first, let's look at a schematic concept. In order to efficiently operate and manage network equipment, NMS and EMS suitable for the service area are required. In general, in the case of wired networks, NMS is often operated alone, and in the case of mobile communication networks, EMS is required in addition to NMS. In this article, we will examine the concept of the overall management system and explain the differences between NMS and EMS. Management System refers to a GUI system that performs network management functions, usually represented by FCAPS. Here, FCAPS means the following five functions. l   Fault Management  l   Configuration Management l   Accou...
Post a Comment
Read more

FCAPS: Major Functions of Management System(NMS, EMS)

  When defining the functions of NMS and EMS, it is often referred to as FCAPS. FCAPS stands for Fault, Configuration, Account, Performance, and Security. The functions of a normal management system are all included in this category. Let's take a look at each function.   Fault Management Fault means unavailable status. When talking about a fault, it is usually referred to as an alarm. Fault and alarm are not specifically distinguished, but to be strict, fault can be considered to mean a phenomenon in which a fault occurred in the system, and faults are classified into hardware and software. Alarm defines in detail about a fault that has occurred and informs the operator when a fault occurs.   According to the definition of the standard document, Alarm usually has Severity, Probable Cause, Category, and additionally includes location information. A brief look at each definition is as follows.   Severity: Severity is defined as Critical Major, Minor, Warn...
Post a Comment
Read more

Install VirtualBox Ubuntu 20.04

Let's install Ubuntu on VirtualBox. The installed version is based on 20.04, it is the latest LTS version at the time of writing. If you want to download another version, you can go to releases.ubuntu.com and download the version you want. 1. Ubuntu Download  Go to the site below and download Ubuntu 20.04 Version. ubuntu.com/download/desktop   2. Installation 2.2 Input Name, and click Next(N). 2.3 For the memory size, set the recommended memory size of 1024 MB. 2.4 Set up the hard disk. Use the recommended 10.00 GB.     2.5 Select the hard disk file type as VDI. 2.6 Storing on a physical hard drive selects dynamic allocation. 2.7 Confirm file location and size. 2.8 Once you've done that, you'll see your virtual machine as shown below. 2.9  From now on, it is the process of installing Ubuntu on the virtual machine. Run setup and select storage as shown below   2.10 Controller: Select IDE's Empty and choose the optical drive. Just select the Ubuntu file you d...
Post a Comment
Read more