Showing posts with the label RSYSLOG

Rsyslog Properties

To use Rsyslog well, you need to create a template that fits the desired output format; templates are an essential function of Rsyslog. We will cover templates in detail later. First, let's see what a template is. The main points from the Rsyslog documentation are as follows.

Key Features of Rsyslog

- It produces the output format the user wants.
- It dynamically creates files.
- It lets database users customize output by using appropriate SQL.

Template Example

    template(name="tpl1" type="list") {
        constant(value="Syslog MSG is: '")
        property(name="msg")
        constant(value="', ")
        property(name="timereported" dateFormat="rfc3339" caseConversion="lower")
        constant(value="\n")
    }

If you define a template as above, you can output a specific log accordingly. However, to define a template, you need to know the properties used in Rsyslog. In this...

RSYSLOG Overview

Syslog Definition

Syslog is a standard protocol for defining and collecting log information, described as 'The BSD syslog protocol' in RFC 3164.

Transport Protocol

Syslog transmits log information over the User Datagram Protocol (UDP), using port number 514. Because UDP is used, delivery cannot be guaranteed: the message is sent one-way to the server and the exchange ends there.

Packet Format

A Syslog message is divided into the PRI Part, Header, and MSG.

PRI Part

It consists of Facility and Severity. The Facility is defined as follows:

    Numerical Code   Facility
    0                Kernel messages
    1                User-level messages
    2                Mail system
    3                System daemons
    4                Security/authentication messages
    5                Messages generated internally by syslogd
    6                Line printer subsystem
    7                Network news subsystem
    8                UUCP subsystem
    9                Clock daemon
    10               Security/authentication messages
    11               FTP daemon
    12               NTP subsystem
    13               Log audit
    14               Log alert
    15               Scheduling daemon
    16–23            Locally used facilities

Severity

Numerical Code Severit...