[deployment-guide/comm-rel: 692/727] added configuring rsyslog section
Jaromir Hradilek
jhradile at fedoraproject.org
Tue Oct 19 13:23:57 UTC 2010
commit f2a15b0fce6115f0d08b0b5f28a12c0056e376af
Author: Martin Prpic <mprpic at redhat.com>
Date: Wed Sep 29 15:18:47 2010 +0200
added configuring rsyslog section
en-US/Log_Files.xml | 63 ++++++++++++++++++++++++++++++++++++++++++--------
1 files changed, 53 insertions(+), 10 deletions(-)
---
diff --git a/en-US/Log_Files.xml b/en-US/Log_Files.xml
index 05f141e..31e2c1d 100644
--- a/en-US/Log_Files.xml
+++ b/en-US/Log_Files.xml
@@ -44,52 +44,95 @@
<itemizedlist>
<listitem>
<para>
- Modules —
+ Modules — Due to its modular design, <command>rsyslog</command> offers a variety of modules which provide dynamic functionality. Note that modules can be written by third parties. Essentially, modules are comprised of various configuration directives that become available when a module is loaded. To load a module, use the following syntax:
+ </para>
+ <screen>
+$ModLoad <replaceable><MODULE></replaceable>
+ </screen>
+ <para>
+ where <replaceable><MODULE></replaceable> represents your desired module. For example, if you want to load the <literal>Text File Input Module</literal> (<command>imfile</command> — enables <command>rsyslog</command> to convert any standard text files into a syslog messages), specify the following line in your <filename>/etc/rsyslog.conf</filename> configuration file:
+ </para>
+ <screen>
+$ModLoad imfile
+ </screen>
+ <para>
+ <command>rsyslog</command> offers a number of modules which are split into these main types:
</para>
<itemizedlist>
<listitem>
<para>
- Input Modules
+ Input Modules — Input modules gather messages from various sources. The name of an input module always starts with the <literal>im</literal> prefix, such as <command>imfile</command>, <command>imrelp</command>, etc.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Output Modules — Output modules process messages into different formats or perform various actions on them. The name of an output module always starts with the <literal>om</literal> prefix, such as <command>omsnmp</command>, <command>omrelp</command>, etc.
</para>
</listitem>
<listitem>
<para>
- Output Modules
+ Filter Modules — Filter modules provide the ability to filter messages according to specified rules. The name of a filter module always starts with the <literal>fm</literal> prefix.
</para>
</listitem>
<listitem>
<para>
- Parser Modules
+ Parser Modules — Parser modules use the message parsers to parse message content of any received messages. The name of a parser module always starts with the <literal>pm</literal> prefix, such as <command>pmrfc5424</command>, <command>pmrfc3164</command>, etc.
</para>
</listitem>
<listitem>
<para>
- Message Modification Module
+ Message Modification Modules — Message modification modules change the content of a log message. The message modification modules only differ in their implementation from the output and filter modules but share the same interface.
</para>
</listitem>
<listitem>
<para>
- String Generator Modules
+ String Generator Modules — String generator modules generate strings based on the message content and strongly cooperate with the template feature provided by <command>rsyslog</command>. For more information on templates, refer to . The name of a string generator module always starts with the <literal>sm</literal> prefix, such as <command>smfile</command>, <command>smtradfile</command>, etc.
</para>
</listitem>
<listitem>
<para>
- Library Modules
+ Library Modules — Library modules provide the ability to load and handle other loadable modules. These modules are loaded automatically by <command>rsyslog</command> when needed and cannot be configured by the user.
</para>
</listitem>
</itemizedlist>
<para>
A comprehensive list of all available modules and their detailed description can be found at <ulink url="http://www.rsyslog.com/doc/rsyslog_conf_modules.html/">http://www.rsyslog.com/doc/rsyslog_conf_modules.html</ulink>
</para>
+ <warning>
+ <title>Warning</title>
+ <para>
+ Note that when <command>rsyslog</command> loads any modules, it provides them with access to some of its functions and data. This poses a possible security threat. To minimize security risks, use trustworthy modules only.
+ </para>
+ </warning>
</listitem>
<listitem>
<para>
- Global Directives —
+ Global Directives — Global directives specify configuration options that apply to the <systemitem class="daemon">rsyslogd</systemitem> daemon. All of the global directives must start with a dollar sign (<literal>$</literal>). Only one directive can be specified per line. The following is an example of a global directive that specifies the maximum size of the log message queue:</para>
+ <screen>
+$MainMsgQueueSize
+ </screen>
+ <para>
+ The default size defined for this directive (<constant>10,000</constant> messages) can be overridden by specifying a different value.
+ </para>
+ <para>
+ A comprehensive list of all available configuration directives and their detailed description can be found in <filename>/usr/share/doc/rsyslog-4.4.2/rsyslog_conf_global.html</filename> or online at <ulink url="http://www.rsyslog.com/doc/rsyslog_conf_global.html">http://www.rsyslog.com/doc/rsyslog_conf_global.html</ulink>.
</para>
</listitem>
<listitem>
<para>
- Rules —
+ Rules — A rule specifies the cooperation of a selector with an action. To define a rule in your <filename>/etc/rsyslog.conf</filename> configuration file, define both, a selector and an action, on one line and separate them with one or more spaces or tabs.
+ <itemizedlist>
+ <listitem>
+ <para>
+ Selectors —
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Actions —
+ </para>
+ </listitem>
+ </itemizedlist>
</para>
</listitem>
<listitem>
@@ -109,7 +152,7 @@
</listitem>
</itemizedlist>
<para>
- Note that any empty lines or lines that begin with a hash mark (#) are comments and are not processed.
+ Note that any empty lines or lines that begin with a hash mark (<literal>#</literal>) are comments and are not processed.
</para>
</section>
<section
More information about the docs-commits
mailing list