I'm having some difficulty getting rsyslog setup properly. I suspect it stems from there being so many different versions of the code and the docs floating around. I am on CentOS 5.9. I have been able to upgrade from the stock rsyslog that ships with CentOS 5 (rsyslog 3.x) to rsyslog 5.8.12 easily enough as that is what is in our available repos. I would really prefer to stick with the repo version than compile my own to stick closer to the corporate baseline. So rsyslog5-5.8.12-4.el5 is what I have installed.
I want to listen on multiple udp ports and write each one out to a seperate logfile to be indexed by Splunk: http://pastebin.com/uZFJ1nYz That's what I've got so far. But as you can see it starts throwing errors such as: May 6 17:44:42 sec01 rsyslogd-3000: unknown priority name "" [try http://www.rsyslog.com/e/3000 ] and never listens on the udp port. I'm concerned that maybe the config syntax I got from the rsyslog website isn't correct for my version of rsyslog. Or perhaps I'm missing something else. This should be a pretty trivial config. Could someone please clue me in as to what the problem might be here? Any tips are greatly appreciated! Thanks! -- Tracy Reed
pgp_JXyylT5uQ.pgp
Description: PGP signature
_______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
