Discussion:
[rsyslog] rsyslog log rotation
robert s
2013-11-07 16:44:31 UTC
Permalink
Hello Everyone,

I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
done:

I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?

The only place that I was able to find some info was to use a template
like this:

$template DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none -?DailyPerHostLogs


If there might be any more documentation that I may be pointed to I
would really appreciate it.

Robert
David Lang
2013-11-08 06:11:54 UTC
Permalink
you don't need to use dynamic file names for this (there is a fair bit of
overhead in using dynamic filenames)

you can write to a file, and then do the following

mv the file to a new filename on the same filesystem (same directory is almost
always safe, I like to move files to filename.YYMMDD-HHMM)

send rsyslog kill -HUP to tell it to close all it's output files and reopen them
as needed

move the old data to it's new location, compress it, etc

note that if you output compressed files, there may be a bit of work for rsyslog
to do after you send it the HUP, so you need to sleep for a second or few after
doing the HUP before doing other things with the file.

David Lang

On Thu, 7 Nov 2013,
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a template
$template DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none -?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
robert s
2013-11-08 13:38:50 UTC
Permalink
Thanks David,

I am not sure I understand the moving part..? is it literally a mv
command that I can put in a bash script, and automate every 4 hours
with cron? while doing this mv does the rsyslog service need to stop
or is that what the kill -HUP is for?

Robert
Post by David Lang
you don't need to use dynamic file names for this (there is a fair bit of
overhead in using dynamic filenames)
you can write to a file, and then do the following
mv the file to a new filename on the same filesystem (same directory is
almost always safe, I like to move files to filename.YYMMDD-HHMM)
send rsyslog kill -HUP to tell it to close all it's output files and reopen
them as needed
move the old data to it's new location, compress it, etc
note that if you output compressed files, there may be a bit of work for
rsyslog to do after you send it the HUP, so you need to sleep for a second
or few after doing the HUP before doing other things with the file.
David Lang
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a template
$template
DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none -?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
Pavel Levshin
2013-11-08 14:31:06 UTC
Permalink
Yes, it can be just a mv command. And you do not need to stop or restart
the rsyslog, it will just close and reopen the file on HUP. So, you
rename the file first, and kill -HUP after it.

This is what tools like 'logrotate' generally do.


--
Pavel Levshin
Post by robert s
Thanks David,
I am not sure I understand the moving part..? is it literally a mv
command that I can put in a bash script, and automate every 4 hours
with cron? while doing this mv does the rsyslog service need to stop
or is that what the kill -HUP is for?
Robert
Post by David Lang
you don't need to use dynamic file names for this (there is a fair bit of
overhead in using dynamic filenames)
you can write to a file, and then do the following
mv the file to a new filename on the same filesystem (same directory is
almost always safe, I like to move files to filename.YYMMDD-HHMM)
send rsyslog kill -HUP to tell it to close all it's output files and reopen
them as needed
move the old data to it's new location, compress it, etc
note that if you output compressed files, there may be a bit of work for
rsyslog to do after you send it the HUP, so you need to sleep for a second
or few after doing the HUP before doing other things with the file.
David Lang
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a template
$template
DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none -?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
David Lang
2013-11-08 17:38:36 UTC
Permalink
short version:
this is a script you run from cron, the HUP after the move is all the is needed

long version:
when a program has a file open (the way rsyslog does), a mv just renames the
file, and rsyslog will keep writing to the file with it's new name, you can also
use the link command to create multiple names, and then rm the original name and
the program with the file open will keep writing to it properly, and if you rm
the file, and some program has it open, the file will actually not be delted and
the program will keep writing to it (which can cause some very interesting out
of disk space situations :-)

the HUP tells rsyslog to close the file, and when it next needs to write to that
file, it will open it again, since you moved the data to a different filename,
the file that it opens is going to be a new one.

David Lang

On Fri, 8 Nov 2013, robert s
Post by robert s
Thanks David,
I am not sure I understand the moving part..? is it literally a mv
command that I can put in a bash script, and automate every 4 hours
with cron? while doing this mv does the rsyslog service need to stop
or is that what the kill -HUP is for?
Robert
Post by David Lang
you don't need to use dynamic file names for this (there is a fair bit of
overhead in using dynamic filenames)
you can write to a file, and then do the following
mv the file to a new filename on the same filesystem (same directory is
almost always safe, I like to move files to filename.YYMMDD-HHMM)
send rsyslog kill -HUP to tell it to close all it's output files and reopen
them as needed
move the old data to it's new location, compress it, etc
note that if you output compressed files, there may be a bit of work for
rsyslog to do after you send it the HUP, so you need to sleep for a second
or few after doing the HUP before doing other things with the file.
David Lang
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a template
$template
DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none -?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
Lucas Tobey
2013-11-08 22:59:02 UTC
Permalink
Hi,

Have you considered using the 'logrotate' program for this? This may be
a better/easier solution?

Sincerely,
-Lucas
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a template
$template DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none -?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
robert s
2013-11-11 14:53:24 UTC
Permalink
Thanks for the response Lucas,

I am not sure what you are referring to the logrotate program?

Robert
Post by Lucas Tobey
Hi,
Have you considered using the 'logrotate' program for this? This may be
a better/easier solution?
Sincerely,
-Lucas
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a template
$template DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none -?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
David Lang
2013-11-11 20:37:48 UTC
Permalink
http://linuxcommand.org/man_pages/logrotate8.html

or 'man logrotate'

David Lang
Post by robert s
Thanks for the response Lucas,
I am not sure what you are referring to the logrotate program?
Robert
Post by Lucas Tobey
Hi,
Have you considered using the 'logrotate' program for this? This may be
a better/easier solution?
Sincerely,
-Lucas
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a template
$template DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none -?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
robert s
2013-11-11 20:44:23 UTC
Permalink
Oh Im sorry, I was thinking it was something relating to rsyslog. thanks David

Robert
Post by David Lang
http://linuxcommand.org/man_pages/logrotate8.html
or 'man logrotate'
David Lang
Post by robert s
Thanks for the response Lucas,
I am not sure what you are referring to the logrotate program?
Robert
Post by Lucas Tobey
Hi,
Have you considered using the 'logrotate' program for this? This may be
a better/easier solution?
Sincerely,
-Lucas
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a template
$template
DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none
-?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
robert s
2013-11-13 22:02:03 UTC
Permalink
Hello guys,

regarding the HUP, is there a particular way that the commands needs
to be executed? I ran rsyslogd kill -HUP but it didnt do anything,
then I read a man page that said to run it like : kill -HUP $(sudo cat
/var/run/syslogd.pid), but im not sure how to determine whether it ran
it or not, is there a log that I can view whether this command ran?
...Im just a bit confused, thanks in advanced for the help.

Robert
Post by robert s
Oh Im sorry, I was thinking it was something relating to rsyslog. thanks David
Robert
Post by David Lang
http://linuxcommand.org/man_pages/logrotate8.html
or 'man logrotate'
David Lang
Post by robert s
Thanks for the response Lucas,
I am not sure what you are referring to the logrotate program?
Robert
Post by Lucas Tobey
Hi,
Have you considered using the 'logrotate' program for this? This may be
a better/easier solution?
Sincerely,
-Lucas
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a template
$template
DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none
-?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
David Lang
2013-11-13 23:33:57 UTC
Permalink
the command is kill -HUP pid where pid is the pid of the process you want to
kill

you can also do killall -HUP processname (in this case processname is rsyslogd)
to send the signal to all processes with that name.

when rsyslog gets a HUP, it logs it, look for logs from rsyslog.

David Lang
Date: Wed, 13 Nov 2013 17:02:03 -0500
From: robert s <rsyslogrobert at gmail.com>
Reply-To: rsyslog-users <rsyslog at lists.adiscon.com>
To: rsyslog-users <rsyslog at lists.adiscon.com>
Subject: Re: [rsyslog] rsyslog log rotation
Hello guys,
regarding the HUP, is there a particular way that the commands needs
to be executed? I ran rsyslogd kill -HUP but it didnt do anything,
then I read a man page that said to run it like : kill -HUP $(sudo cat
/var/run/syslogd.pid), but im not sure how to determine whether it ran
it or not, is there a log that I can view whether this command ran?
...Im just a bit confused, thanks in advanced for the help.
Robert
Post by robert s
Oh Im sorry, I was thinking it was something relating to rsyslog. thanks David
Robert
Post by David Lang
http://linuxcommand.org/man_pages/logrotate8.html
or 'man logrotate'
David Lang
Post by robert s
Thanks for the response Lucas,
I am not sure what you are referring to the logrotate program?
Robert
Post by Lucas Tobey
Hi,
Have you considered using the 'logrotate' program for this? This may be
a better/easier solution?
Sincerely,
-Lucas
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a template
$template
DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none
-?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
robert s
2013-11-14 20:42:29 UTC
Permalink
thanks David,

Lastly, on your first email that you replied to this, you said to move
the files as YYYYMMDD, then hup the process, the question I have here
is this if I move the files while rsyslog is writing to them, won't I
loose files? should I hup the process then move the files instead?

I have many logs that will need to be rotated and zipped, roughly 200
logfiles every 4 hours, I have a script that defines which logs I want
to rotate, the script is a little messy and kinda confusing, there is
error checking and a lot of logic, I am wondering if it would be best
to start clean with logrorate and just do the mv and hup?

Robert
Post by David Lang
the command is kill -HUP pid where pid is the pid of the process you want to
kill
you can also do killall -HUP processname (in this case processname is
rsyslogd) to send the signal to all processes with that name.
when rsyslog gets a HUP, it logs it, look for logs from rsyslog.
David Lang
Date: Wed, 13 Nov 2013 17:02:03 -0500
From: robert s <rsyslogrobert at gmail.com>
Reply-To: rsyslog-users <rsyslog at lists.adiscon.com>
To: rsyslog-users <rsyslog at lists.adiscon.com>
Subject: Re: [rsyslog] rsyslog log rotation
Hello guys,
regarding the HUP, is there a particular way that the commands needs
to be executed? I ran rsyslogd kill -HUP but it didnt do anything,
then I read a man page that said to run it like : kill -HUP $(sudo cat
/var/run/syslogd.pid), but im not sure how to determine whether it ran
it or not, is there a log that I can view whether this command ran?
...Im just a bit confused, thanks in advanced for the help.
Robert
Post by robert s
Oh Im sorry, I was thinking it was something relating to rsyslog. thanks David
Robert
Post by David Lang
http://linuxcommand.org/man_pages/logrotate8.html
or 'man logrotate'
David Lang
Post by robert s
Thanks for the response Lucas,
I am not sure what you are referring to the logrotate program?
Robert
Post by Lucas Tobey
Hi,
Have you considered using the 'logrotate' program for this? This may be
a better/easier solution?
Sincerely,
-Lucas
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a template
$template
DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none
-?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
David Lang
2013-11-14 21:25:49 UTC
Permalink
no, it really is move then HUP

the way things work is that rsyslog opens the file, and after that it accesses
the file via a filehandle. That filehandle remains until rsyslog closes the
file. It doesn't matter if you rename, or even delete the file, rsyslog will
still write to the file though that filehandle.

So you rename the file to something new, and rsyslog keeps writing happily to
that file. Then you send rsyslog a HUP and rsyslog closes all outputs and when
the next messages arrive, it opens the files as needed, and when it goes to open
them it finds they do not exist, so it creates new ones (some old versions of
syslog would not create new files, you had to do that before issuing the HUP)

David Lang
Date: Thu, 14 Nov 2013 15:42:29 -0500
From: robert s <rsyslogrobert at gmail.com>
Reply-To: rsyslog-users <rsyslog at lists.adiscon.com>
To: rsyslog-users <rsyslog at lists.adiscon.com>
Subject: Re: [rsyslog] rsyslog log rotation
thanks David,
Lastly, on your first email that you replied to this, you said to move
the files as YYYYMMDD, then hup the process, the question I have here
is this if I move the files while rsyslog is writing to them, won't I
loose files? should I hup the process then move the files instead?
I have many logs that will need to be rotated and zipped, roughly 200
logfiles every 4 hours, I have a script that defines which logs I want
to rotate, the script is a little messy and kinda confusing, there is
error checking and a lot of logic, I am wondering if it would be best
to start clean with logrorate and just do the mv and hup?
Robert
Post by David Lang
the command is kill -HUP pid where pid is the pid of the process you want to
kill
you can also do killall -HUP processname (in this case processname is
rsyslogd) to send the signal to all processes with that name.
when rsyslog gets a HUP, it logs it, look for logs from rsyslog.
David Lang
Date: Wed, 13 Nov 2013 17:02:03 -0500
From: robert s <rsyslogrobert at gmail.com>
Reply-To: rsyslog-users <rsyslog at lists.adiscon.com>
To: rsyslog-users <rsyslog at lists.adiscon.com>
Subject: Re: [rsyslog] rsyslog log rotation
Hello guys,
regarding the HUP, is there a particular way that the commands needs
to be executed? I ran rsyslogd kill -HUP but it didnt do anything,
then I read a man page that said to run it like : kill -HUP $(sudo cat
/var/run/syslogd.pid), but im not sure how to determine whether it ran
it or not, is there a log that I can view whether this command ran?
...Im just a bit confused, thanks in advanced for the help.
Robert
Post by robert s
Oh Im sorry, I was thinking it was something relating to rsyslog. thanks David
Robert
Post by David Lang
http://linuxcommand.org/man_pages/logrotate8.html
or 'man logrotate'
David Lang
Post by robert s
Thanks for the response Lucas,
I am not sure what you are referring to the logrotate program?
Robert
Post by Lucas Tobey
Hi,
Have you considered using the 'logrotate' program for this? This may be
a better/easier solution?
Sincerely,
-Lucas
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a template
$template
DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none
-?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
robert s
2013-11-14 21:36:18 UTC
Permalink
:) thanks David, I really appreciate the explanation, it was confusing
me because I couldn't grasp the idea of files being written to while
moved.

So I would just do a logrotate.d for rsyslog,

/define/my/logfiles
{
prerotate or sharescript
mv /logfiles/to/new/YYYYMMDD/format
endscript

postrotate
/usr/bin/killall -HUP rsyslogd
endscript
compress
}

and hopefully it will work :)

Robert
Post by David Lang
no, it really is move then HUP
the way things work is that rsyslog opens the file, and after that it
accesses the file via a filehandle. That filehandle remains until rsyslog
closes the file. It doesn't matter if you rename, or even delete the file,
rsyslog will still write to the file though that filehandle.
So you rename the file to something new, and rsyslog keeps writing happily
to that file. Then you send rsyslog a HUP and rsyslog closes all outputs and
when the next messages arrive, it opens the files as needed, and when it
goes to open them it finds they do not exist, so it creates new ones (some
old versions of syslog would not create new files, you had to do that before
issuing the HUP)
David Lang
Date: Thu, 14 Nov 2013 15:42:29 -0500
From: robert s <rsyslogrobert at gmail.com>
Reply-To: rsyslog-users <rsyslog at lists.adiscon.com>
To: rsyslog-users <rsyslog at lists.adiscon.com>
Subject: Re: [rsyslog] rsyslog log rotation
thanks David,
Lastly, on your first email that you replied to this, you said to move
the files as YYYYMMDD, then hup the process, the question I have here
is this if I move the files while rsyslog is writing to them, won't I
loose files? should I hup the process then move the files instead?
I have many logs that will need to be rotated and zipped, roughly 200
logfiles every 4 hours, I have a script that defines which logs I want
to rotate, the script is a little messy and kinda confusing, there is
error checking and a lot of logic, I am wondering if it would be best
to start clean with logrorate and just do the mv and hup?
Robert
Post by David Lang
the command is kill -HUP pid where pid is the pid of the process you want to
kill
you can also do killall -HUP processname (in this case processname is
rsyslogd) to send the signal to all processes with that name.
when rsyslog gets a HUP, it logs it, look for logs from rsyslog.
David Lang
Date: Wed, 13 Nov 2013 17:02:03 -0500
From: robert s <rsyslogrobert at gmail.com>
Reply-To: rsyslog-users <rsyslog at lists.adiscon.com>
To: rsyslog-users <rsyslog at lists.adiscon.com>
Subject: Re: [rsyslog] rsyslog log rotation
Hello guys,
regarding the HUP, is there a particular way that the commands needs
to be executed? I ran rsyslogd kill -HUP but it didnt do anything,
then I read a man page that said to run it like : kill -HUP $(sudo cat
/var/run/syslogd.pid), but im not sure how to determine whether it ran
it or not, is there a log that I can view whether this command ran?
...Im just a bit confused, thanks in advanced for the help.
Robert
Post by robert s
Oh Im sorry, I was thinking it was something relating to rsyslog.
thanks
David
Robert
Post by David Lang
http://linuxcommand.org/man_pages/logrotate8.html
or 'man logrotate'
David Lang
Post by robert s
Thanks for the response Lucas,
I am not sure what you are referring to the logrotate program?
Robert
Post by Lucas Tobey
Hi,
Have you considered using the 'logrotate' program for this? This may be
a better/easier solution?
Sincerely,
-Lucas
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a template
$template
DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none
-?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if
you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if
you
DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if
you
DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
David Lang
2013-11-14 22:42:44 UTC
Permalink
not examining for syntax errors in the logrotate config, this looks mostly
correct.

One important thing, the move before the HUP needs to remain on the same
filesystem (a mv to a different filesystem is copy + delete, which would cause
logs to be lost as they get written after the copy completes)

so it's more

/define/my/logfiles
{
prerotate or sharescript
mv /define/my/logfiles /define/my/logfiles.YYMMDD-HHMM
endscript

postrotate
/usr/bin/killall -HUP rsyslogd
mv /define/my/logfiles.YYMMDD-HHMM /final/destination
endscript
compress
}

It's very common to have the logs arrive to a local (fast) disk and then rotate
them off to slower (frequently NFS) storage. On many of my systems, I have a
fast (SCSI/SAS or SSD) disk and then a slow, but huge SATA disk for the
archives.

I also avoid using wildcards in this process. It gets _really_ ugly if it's not
quite finished processing one logfile when the next one rotates if you have a
wildcard and the mv/copy/compress intended for the new file finds the old one
still around and trys to do it again as well.

If you have a long rotation period, this isn't as likely to happen, but I have
systems where I rotate the files every minute and at peak times the system may
fall behind once in a while. with wildcards this turns into a 'box down' result
while without it nothing bad happens.

David Lang
Post by robert s
:) thanks David, I really appreciate the explanation, it was confusing
me because I couldn't grasp the idea of files being written to while
moved.
So I would just do a logrotate.d for rsyslog,
/define/my/logfiles
{
prerotate or sharescript
mv /logfiles/to/new/YYYYMMDD/format
endscript
postrotate
/usr/bin/killall -HUP rsyslogd
endscript
compress
}
and hopefully it will work :)
Robert
Post by David Lang
no, it really is move then HUP
the way things work is that rsyslog opens the file, and after that it
accesses the file via a filehandle. That filehandle remains until rsyslog
closes the file. It doesn't matter if you rename, or even delete the file,
rsyslog will still write to the file though that filehandle.
So you rename the file to something new, and rsyslog keeps writing happily
to that file. Then you send rsyslog a HUP and rsyslog closes all outputs and
when the next messages arrive, it opens the files as needed, and when it
goes to open them it finds they do not exist, so it creates new ones (some
old versions of syslog would not create new files, you had to do that before
issuing the HUP)
David Lang
Date: Thu, 14 Nov 2013 15:42:29 -0500
From: robert s <rsyslogrobert at gmail.com>
Reply-To: rsyslog-users <rsyslog at lists.adiscon.com>
To: rsyslog-users <rsyslog at lists.adiscon.com>
Subject: Re: [rsyslog] rsyslog log rotation
thanks David,
Lastly, on your first email that you replied to this, you said to move
the files as YYYYMMDD, then hup the process, the question I have here
is this if I move the files while rsyslog is writing to them, won't I
loose files? should I hup the process then move the files instead?
I have many logs that will need to be rotated and zipped, roughly 200
logfiles every 4 hours, I have a script that defines which logs I want
to rotate, the script is a little messy and kinda confusing, there is
error checking and a lot of logic, I am wondering if it would be best
to start clean with logrorate and just do the mv and hup?
Robert
Post by David Lang
the command is kill -HUP pid where pid is the pid of the process you want to
kill
you can also do killall -HUP processname (in this case processname is
rsyslogd) to send the signal to all processes with that name.
when rsyslog gets a HUP, it logs it, look for logs from rsyslog.
David Lang
Date: Wed, 13 Nov 2013 17:02:03 -0500
From: robert s <rsyslogrobert at gmail.com>
Reply-To: rsyslog-users <rsyslog at lists.adiscon.com>
To: rsyslog-users <rsyslog at lists.adiscon.com>
Subject: Re: [rsyslog] rsyslog log rotation
Hello guys,
regarding the HUP, is there a particular way that the commands needs
to be executed? I ran rsyslogd kill -HUP but it didnt do anything,
then I read a man page that said to run it like : kill -HUP $(sudo cat
/var/run/syslogd.pid), but im not sure how to determine whether it ran
it or not, is there a log that I can view whether this command ran?
...Im just a bit confused, thanks in advanced for the help.
Robert
Post by robert s
Oh Im sorry, I was thinking it was something relating to rsyslog.
thanks
David
Robert
Post by David Lang
http://linuxcommand.org/man_pages/logrotate8.html
or 'man logrotate'
David Lang
Post by robert s
Thanks for the response Lucas,
I am not sure what you are referring to the logrotate program?
Robert
Post by Lucas Tobey
Hi,
Have you considered using the 'logrotate' program for this? This may be
a better/easier solution?
Sincerely,
-Lucas
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a template
$template
DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none
-?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if
you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if
you
DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if
you
DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
robert s
2013-11-15 14:04:51 UTC
Permalink
Thank you David, this really helps, but if wildcards do not work for
you, how do you move many log files, do you define all the log files
on the logrotate.d?

Robert
Post by David Lang
not examining for syntax errors in the logrotate config, this looks mostly
correct.
One important thing, the move before the HUP needs to remain on the same
filesystem (a mv to a different filesystem is copy + delete, which would
cause logs to be lost as they get written after the copy completes)
so it's more
/define/my/logfiles
{
prerotate or sharescript
mv /define/my/logfiles /define/my/logfiles.YYMMDD-HHMM
endscript
postrotate
/usr/bin/killall -HUP rsyslogd
mv /define/my/logfiles.YYMMDD-HHMM /final/destination
endscript
compress
}
It's very common to have the logs arrive to a local (fast) disk and then
rotate them off to slower (frequently NFS) storage. On many of my systems, I
have a fast (SCSI/SAS or SSD) disk and then a slow, but huge SATA disk for
the archives.
I also avoid using wildcards in this process. It gets _really_ ugly if it's
not quite finished processing one logfile when the next one rotates if you
have a wildcard and the mv/copy/compress intended for the new file finds the
old one still around and trys to do it again as well.
If you have a long rotation period, this isn't as likely to happen, but I
have systems where I rotate the files every minute and at peak times the
system may fall behind once in a while. with wildcards this turns into a
'box down' result while without it nothing bad happens.
David Lang
Post by robert s
:) thanks David, I really appreciate the explanation, it was confusing
me because I couldn't grasp the idea of files being written to while
moved.
So I would just do a logrotate.d for rsyslog,
/define/my/logfiles
{
prerotate or sharescript
mv /logfiles/to/new/YYYYMMDD/format
endscript
postrotate
/usr/bin/killall -HUP rsyslogd
endscript
compress
}
and hopefully it will work :)
Robert
Post by David Lang
no, it really is move then HUP
the way things work is that rsyslog opens the file, and after that it
accesses the file via a filehandle. That filehandle remains until rsyslog
closes the file. It doesn't matter if you rename, or even delete the file,
rsyslog will still write to the file though that filehandle.
So you rename the file to something new, and rsyslog keeps writing happily
to that file. Then you send rsyslog a HUP and rsyslog closes all outputs and
when the next messages arrive, it opens the files as needed, and when it
goes to open them it finds they do not exist, so it creates new ones (some
old versions of syslog would not create new files, you had to do that before
issuing the HUP)
David Lang
Date: Thu, 14 Nov 2013 15:42:29 -0500
From: robert s <rsyslogrobert at gmail.com>
Reply-To: rsyslog-users <rsyslog at lists.adiscon.com>
To: rsyslog-users <rsyslog at lists.adiscon.com>
Subject: Re: [rsyslog] rsyslog log rotation
thanks David,
Lastly, on your first email that you replied to this, you said to move
the files as YYYYMMDD, then hup the process, the question I have here
is this if I move the files while rsyslog is writing to them, won't I
loose files? should I hup the process then move the files instead?
I have many logs that will need to be rotated and zipped, roughly 200
logfiles every 4 hours, I have a script that defines which logs I want
to rotate, the script is a little messy and kinda confusing, there is
error checking and a lot of logic, I am wondering if it would be best
to start clean with logrorate and just do the mv and hup?
Robert
Post by David Lang
the command is kill -HUP pid where pid is the pid of the process you
want
to
kill
you can also do killall -HUP processname (in this case processname is
rsyslogd) to send the signal to all processes with that name.
when rsyslog gets a HUP, it logs it, look for logs from rsyslog.
David Lang
Date: Wed, 13 Nov 2013 17:02:03 -0500
From: robert s <rsyslogrobert at gmail.com>
Reply-To: rsyslog-users <rsyslog at lists.adiscon.com>
To: rsyslog-users <rsyslog at lists.adiscon.com>
Subject: Re: [rsyslog] rsyslog log rotation
Hello guys,
regarding the HUP, is there a particular way that the commands needs
to be executed? I ran rsyslogd kill -HUP but it didnt do anything,
then I read a man page that said to run it like : kill -HUP $(sudo cat
/var/run/syslogd.pid), but im not sure how to determine whether it ran
it or not, is there a log that I can view whether this command ran?
...Im just a bit confused, thanks in advanced for the help.
Robert
Post by robert s
Oh Im sorry, I was thinking it was something relating to rsyslog.
thanks
David
Robert
Post by David Lang
http://linuxcommand.org/man_pages/logrotate8.html
or 'man logrotate'
David Lang
Post by robert s
Thanks for the response Lucas,
I am not sure what you are referring to the logrotate program?
Robert
On Fri, Nov 8, 2013 at 5:59 PM, Lucas Tobey <lucas.tobey at 1and1.com>
Post by Lucas Tobey
Hi,
Have you considered using the 'logrotate' program for this? This
may
be
a better/easier solution?
Sincerely,
-Lucas
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a template
$template
DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none
-?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a
myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if
you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if
you
DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if
you
DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
David Lang
2013-11-15 19:46:19 UTC
Permalink
Yes, that's what I would do with logrotate.

In my case, I just wrote my own rotate script so I could have it use a wildcard
for identifying the files to deal with, but not use wildcards when dealing with
them, it was something like

year=
month=
day=
timestamp=
cd /var/log
ls *-messages |while read file; do
mv $file $file.$timestamp
done
killall -HUP rsyslogd
ls *-messages.$timestampe |while read file; do
gzip -9 $file
mv $file /var/log/oldlogs/$year/$month/$day
done

or with rsyslog doing compression of files

cd /var/log
ls *-messages.gz |sed s/"\.gz$"// |while read file; do
mv $file.gz $file.$timestamp.gz
done
killall -HUP rsyslogd
sleep 5
ls *-messages.$timestamp.gz |while read file; do
mkdir -p /var/log/oldlogs/$year/$month/$day
mv $file /var/log/oldlogs/$year/$month/$day
done

Doing this myself also allows me to insert a chunk of code after the kill to do
other processing on specific boxes (so I can use the same script across all my
systems)

I started doing this years ago, before I heard of logrotate, and it works well
enough that I've never really dug into the details of logrotate.

logrotate offers lots of features in terms of log retention and rolling by
criteria other than just timestamp, some of which I would find useful, others I
haven't needed yet. It's worth learning, I just haven't taken the time to do so
yet.

David Lang
Post by robert s
Thank you David, this really helps, but if wildcards do not work for
you, how do you move many log files, do you define all the log files
on the logrotate.d?
Robert
Post by David Lang
not examining for syntax errors in the logrotate config, this looks mostly
correct.
One important thing, the move before the HUP needs to remain on the same
filesystem (a mv to a different filesystem is copy + delete, which would
cause logs to be lost as they get written after the copy completes)
so it's more
/define/my/logfiles
{
prerotate or sharescript
mv /define/my/logfiles /define/my/logfiles.YYMMDD-HHMM
endscript
postrotate
/usr/bin/killall -HUP rsyslogd
mv /define/my/logfiles.YYMMDD-HHMM /final/destination
endscript
compress
}
It's very common to have the logs arrive to a local (fast) disk and then
rotate them off to slower (frequently NFS) storage. On many of my systems, I
have a fast (SCSI/SAS or SSD) disk and then a slow, but huge SATA disk for
the archives.
I also avoid using wildcards in this process. It gets _really_ ugly if it's
not quite finished processing one logfile when the next one rotates if you
have a wildcard and the mv/copy/compress intended for the new file finds the
old one still around and trys to do it again as well.
If you have a long rotation period, this isn't as likely to happen, but I
have systems where I rotate the files every minute and at peak times the
system may fall behind once in a while. with wildcards this turns into a
'box down' result while without it nothing bad happens.
David Lang
Post by robert s
:) thanks David, I really appreciate the explanation, it was confusing
me because I couldn't grasp the idea of files being written to while
moved.
So I would just do a logrotate.d for rsyslog,
/define/my/logfiles
{
prerotate or sharescript
mv /logfiles/to/new/YYYYMMDD/format
endscript
postrotate
/usr/bin/killall -HUP rsyslogd
endscript
compress
}
and hopefully it will work :)
Robert
Post by David Lang
no, it really is move then HUP
the way things work is that rsyslog opens the file, and after that it
accesses the file via a filehandle. That filehandle remains until rsyslog
closes the file. It doesn't matter if you rename, or even delete the file,
rsyslog will still write to the file though that filehandle.
So you rename the file to something new, and rsyslog keeps writing happily
to that file. Then you send rsyslog a HUP and rsyslog closes all outputs and
when the next messages arrive, it opens the files as needed, and when it
goes to open them it finds they do not exist, so it creates new ones (some
old versions of syslog would not create new files, you had to do that before
issuing the HUP)
David Lang
Date: Thu, 14 Nov 2013 15:42:29 -0500
From: robert s <rsyslogrobert at gmail.com>
Reply-To: rsyslog-users <rsyslog at lists.adiscon.com>
To: rsyslog-users <rsyslog at lists.adiscon.com>
Subject: Re: [rsyslog] rsyslog log rotation
thanks David,
Lastly, on your first email that you replied to this, you said to move
the files as YYYYMMDD, then hup the process, the question I have here
is this if I move the files while rsyslog is writing to them, won't I
loose files? should I hup the process then move the files instead?
I have many logs that will need to be rotated and zipped, roughly 200
logfiles every 4 hours, I have a script that defines which logs I want
to rotate, the script is a little messy and kinda confusing, there is
error checking and a lot of logic, I am wondering if it would be best
to start clean with logrorate and just do the mv and hup?
Robert
Post by David Lang
the command is kill -HUP pid where pid is the pid of the process you
want
to
kill
you can also do killall -HUP processname (in this case processname is
rsyslogd) to send the signal to all processes with that name.
when rsyslog gets a HUP, it logs it, look for logs from rsyslog.
David Lang
Date: Wed, 13 Nov 2013 17:02:03 -0500
From: robert s <rsyslogrobert at gmail.com>
Reply-To: rsyslog-users <rsyslog at lists.adiscon.com>
To: rsyslog-users <rsyslog at lists.adiscon.com>
Subject: Re: [rsyslog] rsyslog log rotation
Hello guys,
regarding the HUP, is there a particular way that the commands needs
to be executed? I ran rsyslogd kill -HUP but it didnt do anything,
then I read a man page that said to run it like : kill -HUP $(sudo cat
/var/run/syslogd.pid), but im not sure how to determine whether it ran
it or not, is there a log that I can view whether this command ran?
...Im just a bit confused, thanks in advanced for the help.
Robert
Post by robert s
Oh Im sorry, I was thinking it was something relating to rsyslog.
thanks
David
Robert
Post by David Lang
http://linuxcommand.org/man_pages/logrotate8.html
or 'man logrotate'
David Lang
Post by robert s
Thanks for the response Lucas,
I am not sure what you are referring to the logrotate program?
Robert
On Fri, Nov 8, 2013 at 5:59 PM, Lucas Tobey <lucas.tobey at 1and1.com>
Post by Lucas Tobey
Hi,
Have you considered using the 'logrotate' program for this? This
may
be
a better/easier solution?
Sincerely,
-Lucas
Post by robert s
Hello Everyone,
I am full of questions today, I am reading a few things on the
documentation regarding log rotation and I am curious if this can be
I would like to rotate logs all the logs every 4 hours, but at the
same time not stop the rsyslog service, so there is no loss of data
during the rotation process, is this possible?
The only place that I was able to find some info was to use a
template
$template
DailyPerHostLogs,"/var/log/logdir/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%_messages.log"
*.info;mail.none;authpriv.none;cron.none
-?DailyPerHostLogs
If there might be any more documentation that I may be pointed to I
would really appreciate it.
Robert
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a
myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if
you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a
myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if
you
DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if
you
DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
Loading...