Bummer... so can I do what we want to do without upgrading? R. Singh Sr. Systems Administrator Middleware/PTC Support 904-633-5745
RC Offering: SC07507098 H0\/\/ T0/\/\0RR0\/\/ /\/\0\/35 "Give instruction to a wise man, and he will be yet wiser : teach a just man, and he will increase in learning." - Proverbs 9:9 -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of David Lang Sent: Wednesday, May 04, 2016 3:37 PM To: rsyslog-users Subject: Re: [rsyslog] Remote messages getting into local logs Yes, you need to be using at least 7.x (current is 8.18) David Lang On Wed, 4 May 2016, Singh, Radesh wrote: > Date: Wed, 4 May 2016 19:32:18 +0000 > From: "Singh, Radesh" <[email protected]> > Reply-To: rsyslog-users <[email protected]> > To: rsyslog-users <[email protected]> > Subject: Re: [rsyslog] Remote messages getting into local logs > > Rsyslog doesn't like my syntax: > > [root at PTC_UAT_LOGHOST rsyslog.d]$ rsyslogd -N2 > rsyslogd: version 5.8.10, config validation run (level 2), master > config /etc/rsyslog.conf > rsyslogd: WARNING: rsyslogd is running in compatibility mode. Automatically > generated config directives may interfer with your rsyslog.conf settings. We > suggest upgrading your config and adding -c5 as the first rsyslogd option. > rsyslogd: unknown priority name "" [try > http://secure-web.cisco.com/1-flZtEcVu13PuDqJJOFpJ5Ic783Ttc-rN9lsBmKi3 > xMXWYiv8CH3X7-ddpLEYfTw_0v4qOEZKdQCpvLErHBBxAdwZk3MKuSh1MRK3_0v8m96_k5 > vZ2IKFM23TaGrpF7Ei6rJK3EO5_YSjY8DknVbOJBGhjwKd3A00PtNo_ZgPBohbercjhRR- > FBWB8oowNEG8E59t_dc0cIpaVw45MnT9is9t99C9KeGlHonfsgBHd0FMeSmxxyEL25feIw > be8Q03oTPzgoR4DiUf2Pw2utBM-MLRUmQzGC90PhI6SmpayZveLWWDkYAXfn-Oo8pcI1Y6 > Yy306TJgqpX15Yvrd_-mVMoJaHfHlmAn45tAwBR3Wt0f6iL7gFvTaT0N02VMo1K/http%3 > A%2F%2Fwww.rsyslog.com%2Fe%2F3000 ] > rsyslogd: the last error occured in /etc/rsyslog.d/remotes.conf, line > 10:"input(type="imtcp" port="514" ruleset="inbound") input(type="imudp" > port="514" ruleset="inbound")" > rsyslogd: warning: selector line without actions will be discarded > rsyslogd: unknown priority name "type="FixedArray"){" [try > http://secure-web.cisco.com/1-flZtEcVu13PuDqJJOFpJ5Ic783Ttc-rN9lsBmKi3 > xMXWYiv8CH3X7-ddpLEYfTw_0v4qOEZKdQCpvLErHBBxAdwZk3MKuSh1MRK3_0v8m96_k5 > vZ2IKFM23TaGrpF7Ei6rJK3EO5_YSjY8DknVbOJBGhjwKd3A00PtNo_ZgPBohbercjhRR- > FBWB8oowNEG8E59t_dc0cIpaVw45MnT9is9t99C9KeGlHonfsgBHd0FMeSmxxyEL25feIw > be8Q03oTPzgoR4DiUf2Pw2utBM-MLRUmQzGC90PhI6SmpayZveLWWDkYAXfn-Oo8pcI1Y6 > Yy306TJgqpX15Yvrd_-mVMoJaHfHlmAn45tAwBR3Wt0f6iL7gFvTaT0N02VMo1K/http%3 > A%2F%2Fwww.rsyslog.com%2Fe%2F3000 ] > rsyslogd: the last error occured in /etc/rsyslog.d/remotes.conf, line > 12:"ruleset(name="inbound" queue.type="FixedArray"){" > rsyslogd: warning: selector line without actions will be discarded > rsyslogd: unknown priority name "" [try > http://secure-web.cisco.com/1-flZtEcVu13PuDqJJOFpJ5Ic783Ttc-rN9lsBmKi3 > xMXWYiv8CH3X7-ddpLEYfTw_0v4qOEZKdQCpvLErHBBxAdwZk3MKuSh1MRK3_0v8m96_k5 > vZ2IKFM23TaGrpF7Ei6rJK3EO5_YSjY8DknVbOJBGhjwKd3A00PtNo_ZgPBohbercjhRR- > FBWB8oowNEG8E59t_dc0cIpaVw45MnT9is9t99C9KeGlHonfsgBHd0FMeSmxxyEL25feIw > be8Q03oTPzgoR4DiUf2Pw2utBM-MLRUmQzGC90PhI6SmpayZveLWWDkYAXfn-Oo8pcI1Y6 > Yy306TJgqpX15Yvrd_-mVMoJaHfHlmAn45tAwBR3Wt0f6iL7gFvTaT0N02VMo1K/http%3 > A%2F%2Fwww.rsyslog.com%2Fe%2F3000 ] > rsyslogd: the last error occured in /etc/rsyslog.d/remotes.conf, line 21:"}" > rsyslogd: warning: selector line without actions will be discarded > rsyslogd: the last error occured in /etc/rsyslog.conf, line > 35:"$IncludeConfig /etc/rsyslog.d/*.conf" > rsyslogd: CONFIG ERROR: could not interpret master config file > '/etc/rsyslog.conf'. [try > http://secure-web.cisco.com/1ya_3awlRyHJY4pJ5xBdaeSbabU9qq7ruMBPltDdob > SsjyLK54oipjv28RxNybQ3emKl-zj2JI6XtLziIny1mNnXLMbGRJZIqAbeqLXHc2FIMrDT > 10luKHUvdFvku1UgbkN0Hf2bMHGyNxTltCoV11fYMeAfZZvDseCcZHgdFeb-CxvcwRfBn4 > kzJjQbBrFiE4Yrrlksw4AYSCWsS3z8faLUJC2_BXSjvahTN6YzdVsva0RIQxEYHwyk6tVY > aq1NVifFmm0A5HxY1hwPpB7drYvjifI8vC_J8gDSzKhzfjswzov514INMzAoE9mUnUPTJU > -A_gZ61LKqLS--TSIbY4JklHqrskGNSnKLFzr01cx3JTk1GE9T0vyvMZ6Rbt0iX/http%3 > A%2F%2Fwww.rsyslog.com%2Fe%2F2124 ] > rsyslogd: Warning: backward compatibility layer added to following > directive to rsyslog.conf: ModLoad immark > rsyslogd: Warning: backward compatibility layer added to following > directive to rsyslog.conf: MarkMessagePeriod 1200 > rsyslogd: Warning: backward compatibility layer added to following > directive to rsyslog.conf: ModLoad imuxsock > > $template > remote-messages,"/var/remote/log/%HOSTNAME%/%$NOW%/messages-%HOSTNAME%-%$NOW%.log" > $template > remote-kernel,"/var/remote/log/%HOSTNAME%/%$NOW%/kernel-%HOSTNAME%-%$NOW%.log" > $template > remote-emerg,"/var/remote/log/%HOSTNAME%/%$NOW%/emerg-%HOSTNAME%-%$NOW%.log" > $template > remote-secure,"/var/remote/log/%HOSTNAME%/%$NOW%/secure-%HOSTNAME%-%$NOW%.log" > $template > remote-maillog,"/var/remote/log/%HOSTNAME%/%$NOW%/maillog-%HOSTNAME%-%$NOW%.log" > $template > remote-cron,"/var/remote/log/%HOSTNAME%/%$NOW%/cron-%HOSTNAME%-%$NOW%.log" > $template > remote-spooler,"/var/remote/log/%HOSTNAME%/%$NOW%/spooler-%HOSTNAME%-%$NOW%.log" > $template > remote-bootlog,"/var/remote/log/%HOSTNAME%/%$NOW%/bootlog-%HOSTNAME%-%$NOW%.log" > > input(type="imtcp" port="514" ruleset="inbound") input(type="imudp" > port="514" ruleset="inbound") > > ruleset(name="inbound" queue.type="FixedArray"){ > user.*;daemon.*;syslog.* ?remote-messages > kern.* ?remote-kernel > *.emerg ?remote-emerg > authpriv.* ?remote-secure > mail.* -?remote-maillog > cron.* ?remote-cron > uucp,news.crit ?remote-spooler > local7.* ?remote-bootlog > } > > I'm betting this is b/c I'm using using 5.8.10. > > Going to try some syntax I see here: > > http://secure-web.cisco.com/100Kd-K2EYkolEJwOYRrKISwA9ClF699uhqvzh9I_i > qJsuH6lQ5ALgzXFJBBPtNS8NT8Jlr91S0ctW7vJegQjTnPY0mrJOOcT4FY7kFpM5XWd3P2 > oM1NuRoP7KRe5TvQL7K5D1bYOqd8V68Ki28e11GQGpEhtWmpcvNrgPWBCETJw1n4FK_6Ux > c2nDb7ZK6IR-BnI_5YsOuZ9y7WOlI2WlTSBsWd3GTri1cjX40S_3LC64eVWcCIw4uzTk9q > Yu3IvuyFH57YnSFdK20QMZTGVSWfDpm3dMYR-NAd0k1oudQUHHnw9Ruoj5B19goW9WsQqF > htmCyOD3Wm3ffHOIL6RwRFpI3Oib0QRTHcC0Sap8DTT-9AKEnLLtxYqha62oYKC/http%3 > A%2F%2Fwww.rsyslog.com%2Fdoc%2Fv5-stable%2Fconcepts%2Fmulti_ruleset.ht > ml > > R. Singh > Sr. Systems Administrator > Middleware/PTC Support > 904-633-5745 > > RC Offering: SC07507098 > > > H0\/\/ T0/\/\0RR0\/\/ /\/\0\/35 > > "Give instruction to a wise man, and he will be yet wiser : teach a > just man, and he will increase in learning." - Proverbs 9:9 > > > -----Original Message----- > From: Singh, Radesh > Sent: Wednesday, May 04, 2016 3:15 PM > To: 'rsyslog-users' > Subject: RE: [rsyslog] Remote messages getting into local logs > > David, > > So, this is the config I've got in mind: > > # rsyslog.conf > $ModLoad imuxsock # provides support for local system logging (e.g. via > logger command) > $ModLoad imklog # provides kernel logging support (previously done by > rklogd) > $ModLoad imudp > $UDPServerRun 514 > $ModLoad imtcp > $InputTCPServerRun 514 > $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat > $IncludeConfig /etc/rsyslog.d/*.conf > user.*;daemon.*;syslog.* /var/log/messages > kern.* /var/log/kernel > *.emerg /var/log/emerg > authpriv.* /var/log/secure > mail.* /var/log/maillog > cron.* /var/log/cron > uucp,news.crit /var/log/spool > local7.* /var/log/bootlog > > # rsyslog.d/remote.conf > $template > remote-messages,"/var/remote/log/%HOSTNAME%/%$NOW%/messages-%HOSTNAME%-%$NOW%.log" > $template > remote-kernel,"/var/remote/log/%HOSTNAME%/%$NOW%/kernel-%HOSTNAME%-%$NOW%.log" > $template > remote-emerg,"/var/remote/log/%HOSTNAME%/%$NOW%/emerg-%HOSTNAME%-%$NOW%.log" > $template > remote-secure,"/var/remote/log/%HOSTNAME%/%$NOW%/secure-%HOSTNAME%-%$NOW%.log" > $template > remote-maillog,"/var/remote/log/%HOSTNAME%/%$NOW%/maillog-%HOSTNAME%-%$NOW%.log" > $template > remote-cron,"/var/remote/log/%HOSTNAME%/%$NOW%/cron-%HOSTNAME%-%$NOW%.log" > $template > remote-spooler,"/var/remote/log/%HOSTNAME%/%$NOW%/spooler-%HOSTNAME%-%$NOW%.log" > $template > remote-bootlog,"/var/remote/log/%HOSTNAME%/%$NOW%/bootlog-%HOSTNAME%-%$NOW%.log" > > input(type="imtcp" port="514" ruleset="inbound") input(type="imudp" > port="514" ruleset="inbound") > > ruleset(name="inbound" queue.type="FixedArray"){ > user.*;daemon.*;syslog.* ?remote-messages > kern.* ?remote-kernel > *.emerg ?remote-emerg > authpriv.* ?remote-secure > mail.* -?remote-maillog > cron.* ?remote-cron > uucp,news.crit ?remote-spooler > local7.* ?remote-bootlog > } > > Am I still over thinking it? > > R. Singh > Sr. Systems Administrator > Middleware/PTC Support > 904-633-5745 > > RC Offering: SC07507098 > > > H0\/\/ T0/\/\0RR0\/\/ /\/\0\/35 > > "Give instruction to a wise man, and he will be yet wiser : teach a > just man, and he will increase in learning." - Proverbs 9:9 > > > -----Original Message----- > From: Singh, Radesh > Sent: Wednesday, May 04, 2016 2:40 PM > To: [email protected] > Subject: RE: [rsyslog] Remote messages getting into local logs > > David, > > Thank you for clarifying all of that. > > Based on what we are trying to do, I think we'd want to go the route of using > a ruleset. > > So, using something like: > input(type="imtcp" port="514" ruleset="inbound" ) input(type="imudp" > port="514" ruleset="inbound") > > ruleset(name="inbound" queue.type="FixedArray"){ > actions > } > > I'm translating that to: > > $template > remote-messages,"/var/remote/log/%HOSTNAME%/%$NOW%/messages-%HOSTNAME%-%$NOW%.log" > $template > remote-kernel,"/var/remote/log/%HOSTNAME%/%$NOW%/kernel-%HOSTNAME%-%$NOW%.log" > $template > remote-emerg,"/var/remote/log/%HOSTNAME%/%$NOW%/emerg-%HOSTNAME%-%$NOW%.log" > $template > remote-secure,"/var/remote/log/%HOSTNAME%/%$NOW%/secure-%HOSTNAME%-%$NOW%.log" > $template > remote-cron,"/var/remote/log/%HOSTNAME%/%$NOW%/cron-%HOSTNAME%-%$NOW%.log" > $template > remote-spooler,"/var/remote/log/%HOSTNAME%/%$NOW%/spooler-%HOSTNAME%-%$NOW%.log" > $template > remote-bootlog,"/var/remote/log/%HOSTNAME%/%$NOW%/bootlog-%HOSTNAME%-%$NOW%.log" > > input(type="imtcp" port="514" ruleset="inbound") input(type="imudp" > port="514" ruleset="inbound") > > ruleset(name="inbound" queue.type="FixedArray"){ > user.*;daemon.*;syslog.* ?remote-messages > kern.* ?remote-kernel > *.emerg ?remote-emerg > authpriv.* ?remote-secure > mail.* -?remote-maillog > cron.* ?remote-cron > uucp,news.crit ?remote-spooler > local7.* ?remote-bootlog > } > > That should result in me capturing all messages that come in over TCP or UDP, > and separate them out. > > What tells rsyslog to log local (those not coming in via TCP or UDP) messages > to /var/log/...? > > Thanks, > > R. Singh > Sr. Systems Administrator > Middleware/PTC Support > 904-633-5745 > > RC Offering: SC07507098 > > > H0\/\/ T0/\/\0RR0\/\/ /\/\0\/35 > > "Give instruction to a wise man, and he will be yet wiser : teach a > just man, and he will increase in learning." - Proverbs 9:9 > > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of David Lang > Sent: Wednesday, May 04, 2016 1:06 PM > To: [email protected] > Subject: Re: [rsyslog] Remote messages getting into local logs > > I'll bet that if you do rsyslogd -N2 it will report a lot of errors in > the config > > you are mising filter types (and in any case, working harder than you > need to) > > there are three classes of filters > > traditional pri filters > > user.* action > > old rsyslog filters > > :var, test, value action > > rainerscript filters > > if test then action > > you are trying to use the old rsyslog filters in rainerscript syntax, > that doesn't work > > if $hostname == $$myhostname then { > actions > } else { > actions > } > > would be what you are trying to do. > > But if you really want to separate the traffic that arrives from > remote systems completely from the traffic that is produced locally, > the best way to do that is with a ruleset > > input(type="imtcp" port="514" ruleset="inbound" ) input(type="imudp" > port="514" ruleset="inbound") > > ruleset(name="inbound" queue.type="FixedArray"){ > actions > } > > will effectivly split rsyslog into two complete stacks, one that > processes locally generated messages with all the rules not defined in > the inbound ruleset (and using the main queue), and a second that > processes all messages that arrive via tcp or udp using the rules in > the inbound ruleset (and using a separate queue) > > David Lang > > On Wed, 4 May 2016 16:38:34 +0000, Singh, Radesh wrote: >> Hello, >> >> Perhaps I'm overthinking this, but as I've confused myself pretty >> good, I'm reaching out to you guys. >> >> We noticed that our remote clients messages are flooding several of >> our local log files (messages,kernel,bootlog) on our central rsyslog >> server. >> >> We've been try to craft some rules to tell the rsyslog server that >> the hostname is not your hostname, use a specific block to separate >> the messages into their appropriate files, else, do the same type of >> separation, but store the messages locally... >> >> I tried... >> >> $template >> >> remote-messages,"/var/remote/log/%HOSTNAME%/%$NOW%/messages-%HOSTNAME%-%$NOW%.log" >> $template >> >> remote-kernel,"/var/remote/log/%HOSTNAME%/%$NOW%/kernel-%HOSTNAME%-%$NOW%.log" >> $template >> >> remote-emerg,"/var/remote/log/%HOSTNAME%/%$NOW%/emerg-%HOSTNAME%-%$NOW%.log" >> $template >> >> remote-secure,"/var/remote/log/%HOSTNAME%/%$NOW%/secure-%HOSTNAME%-%$NOW%.log" >> $template >> >> remote-cron,"/var/remote/log/%HOSTNAME%/%$NOW%/cron-%HOSTNAME%-%$NOW%.log" >> $template >> >> remote-spooler,"/var/remote/log/%HOSTNAME%/%$NOW%/spooler-%HOSTNAME%-%$NOW%.log" >> $template >> >> remote-bootlog,"/var/remote/log/%HOSTNAME%/%$NOW%/bootlog-%HOSTNAME%-%$NOW%.log" >> >> $template local-messages,"/var/log/messages" >> $template local-kernel,"/var/log/kernel" >> $template local-emerg,"/var/log/emerg" >> $template local-secure,"/var/log/secure" >> $template local-maillog,"/var/log/maillog" >> $template local-cron,"/var/log/cron" >> $template local-spooler,"/var/log/spooler" >> $template local-bootlog,"/var/log/bootlog" >> >> if :hostname,!isequal,$myhostname then { >> user.*;daemon.*;syslog.* ?remote-messages >> kern.* ?remote-kernel >> *.emerg ?remote-emerg >> authpriv.* ?remote-secure >> mail.* -?remote-maillog >> cron.* ?remote-cron >> uucp,news.crit ?remote-spooler >> local7.* ?remote-bootlog >> } >> else if :hostname,isequal,$myhostname then { >> user.*;daemon.*;syslog.* ?local-messages >> kern.* ?local-kernel >> *.emerg ?local-emerg >> authpriv.* ?local-secure >> mail.* -?local-maillog >> cron.* ?local-cron >> uucp,news.crit ?local-spooler >> local7.* ?local-bootlog >> } >> >> But messages from remote hosts get written to /var/log/messages, even >> though I thought I was telling rsyslog to filter on hostname, and if >> the hostname is not my hostname use one of my ?remote definitions. >> I tried using & ~ after my first line, but I find that if I do that >> ... nothing gets written to the local messages file. >> I'm doing this on RHEL 6.2, and rsyslog version is 5.8.10. >> >> Thank you, >> >> R. Singh >> Sr. Systems Administrator >> Middleware/PTC Support >> 904-633-5745 >> >> RC Offering: SC07507098 >> >> [chessie] >> |-| () \/\/ ~|~ () |\/| () /? /? () \/\/ |\/| () \/ [- _\~ >> >> >> >> >> This email transmission and any accompanying attachments may contain >> CSX privileged and confidential information intended only for the use >> of the intended addressee. Any dissemination, distribution, copying >> or action taken in reliance on the contents of this email by anyone >> other than the intended recipient is strictly prohibited. If you have >> received this email in error please immediately delete it and notify >> sender at the above CSX email address. Sender and CSX accept no >> liability for any damage caused directly or indirectly by receipt of >> this email. > > _______________________________________________ > rsyslog mailing list > BLOCKEDlists[.]adiscon[.]net/mailman/listinfo/rsyslogBLOCKED > http://secure-web.cisco.com/1xGGnjSh9RR0y9rgx38zhuymGGNvuKuRCAR_z7i9J4 > Yn4zD1vrveKaihdGx3JedcKCvkNFBxiQQjmCOd0j1txaq0XXfVbdukHhfiSCcWgPOP25by > T1N_28l_4ON11xwTa2os6nW2bRAbUYXssRPv3wvQnrvm8ZzCXtOHwGONSA3SCjiMSNi08M > M6TaKzaOkD03_s7wi9z7XCSLiEBsRnnCqwRSU2U2EJwHK9Y45_VeoyaLJ8gYj2bCZYXes3 > riOxEZtfn4nwdnJ3x1ksA5LhDiPYPqvwksTkgOXeGl-RsALio_xvt06uQ1x-Qs1VKm6HuR > R-wPUlI6tPrvOprmD2kB8IcTPvtPxBkfjtVU5BpEZVIgCJmZSTxU2CCM44nyhVa/http%3 > A%2F%2Fwww.rsyslog.com%2Fprofessional-services%2F > What's up with rsyslog? Follow > https://secure-web.cisco.com/1np2M_O7l4WbuSPzutBL7wHs1T4AvXY5sEAi6R9jF > Ad6xpP66MUvIDoL0kz8Ve9JiKraHbyNUChDGTNv4qEvQcUG__9hAYAhKR4E7GDpM7wUS99 > eOBMAmpT0YQBJJZ44RAmUnlV8l-ReDvo5lBRbln2K5LdY7r8SRhRWxukHXXBpb6QWRw33l > tg4-0dFF4WarzNF0TNyG2pbowTpBDBRxUksgFg8Lsc_RMfr5SOW4BoGup_lZ-eLAZ53p3c > H3LfhD_ziZoSyK89jd0Q7d_ny6io7hXw3xTTVKazGM8-ONaWmTt_sBkl5zVxGHpN50EViW > 9719-Se7Kxyx4OohnoDRd-aGEzfx6novzYQqXjR_L8OSY4mtnLsxciyfHoPOmjkMKz5PZF > 1Pv7jlvGXdl0E5Eg/https%3A%2F%2Ftwitter.com%2Frgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of > sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T > LIKE THAT. > > > > > This email transmission and any accompanying attachments may contain CSX > privileged and confidential information intended only for the use of the > intended addressee. Any dissemination, distribution, copying or action taken > in reliance on the contents of this email by anyone other than the intended > recipient is strictly prohibited. If you have received this email in error > please immediately delete it and notify sender at the above CSX email > address. Sender and CSX accept no liability for any damage caused directly or > indirectly by receipt of this email. > > _______________________________________________ > rsyslog mailing list > BLOCKEDlists[.]adiscon[.]net/mailman/listinfo/rsyslogBLOCKED > http://secure-web.cisco.com/1VFleKFU62iSgxqNp7l4hUrALjZPNml1KX8H5whJa5 > oq_EIR7mVvq0PfpjqvVRT7kK0VmKBVB4AqyW1kdMcUq8aUtz_WqttYsnMELiLEgsZ9kukE > 2qyWFcZsSBn8CFlvUF-skZIaIwiF0ajFqoZNZMGwOKGbOrB4ir28NlMIRH8X4nUYHFPQol > bDK9JlX3sDBGgMokxaETlthu6VFA7oB3m7qdps4AinoI4vEC5GaRumv7j9XF9LfVXSbQlU > lLGkoA1O0QO-iDWIG29n1Ax0-1ehb-PB5FMXGUoV0MBJ1Ihj20CoP2MqKTTvTX_1zeYMDc > P3e3Qj5iQwpplCbxx1bTXJ0HYDqxmwkpSWQj5e0QWC0qSxgaZ8aBAfUCp7dqVRI/http%3 > A%2F%2Fwww.rsyslog.com%2Fprofessional-services%2F > What's up with rsyslog? Follow > https://secure-web.cisco.com/1rQW9huc5s4E2rR8Jgt3WDPXRhEnsyncI4KzmYV0r > WfuNxxWQA2tJNmd73u_cwcmtrESyPxNL7o1R6F9PurmRw2wy6Bau5loGMOQwjOmJ__VZ67 > 8C0xz-z4KHAWn32ESCSEFTV1ivD5xFxua7uyfDcF9LxDrrkNxZePI56Oy5thHbg27ZYzOX > nkoi_jl_NDAb5mkjCrLA5Jw9Dr-5VGa1g-taZjxBLHcyINLwvFBINfDnEicRO_IpmRmzOo > EjmIwU7gX7Dn4qWD_VCFA71qk1ArL3KwRTuJl9YlclJ89yALDVePU18OBMkdA7XxlrH4Li > d7jDDCVtC5eeF7cLkGIU9dodJbRGvxsSHyx1Zy4i_vGNIM-o-C5XGRmhojMF1VzLTMo29t > FfUkGXpMR9-0wcbw/https%3A%2F%2Ftwitter.com%2Frgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of > sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T > LIKE THAT. > _______________________________________________ rsyslog mailing list BLOCKEDlists[.]adiscon[.]net/mailman/listinfo/rsyslogBLOCKED http://secure-web.cisco.com/1VFleKFU62iSgxqNp7l4hUrALjZPNml1KX8H5whJa5oq_EIR7mVvq0PfpjqvVRT7kK0VmKBVB4AqyW1kdMcUq8aUtz_WqttYsnMELiLEgsZ9kukE2qyWFcZsSBn8CFlvUF-skZIaIwiF0ajFqoZNZMGwOKGbOrB4ir28NlMIRH8X4nUYHFPQolbDK9JlX3sDBGgMokxaETlthu6VFA7oB3m7qdps4AinoI4vEC5GaRumv7j9XF9LfVXSbQlUlLGkoA1O0QO-iDWIG29n1Ax0-1ehb-PB5FMXGUoV0MBJ1Ihj20CoP2MqKTTvTX_1zeYMDcP3e3Qj5iQwpplCbxx1bTXJ0HYDqxmwkpSWQj5e0QWC0qSxgaZ8aBAfUCp7dqVRI/http%3A%2F%2Fwww.rsyslog.com%2Fprofessional-services%2F What's up with rsyslog? Follow https://secure-web.cisco.com/1rQW9huc5s4E2rR8Jgt3WDPXRhEnsyncI4KzmYV0rWfuNxxWQA2tJNmd73u_cwcmtrESyPxNL7o1R6F9PurmRw2wy6Bau5loGMOQwjOmJ__VZ678C0xz-z4KHAWn32ESCSEFTV1ivD5xFxua7uyfDcF9LxDrrkNxZePI56Oy5thHbg27ZYzOXnkoi_jl_NDAb5mkjCrLA5Jw9Dr-5VGa1g-taZjxBLHcyINLwvFBINfDnEicRO_IpmRmzOoEjmIwU7gX7Dn4qWD_VCFA71qk1ArL3KwRTuJl9YlclJ89yALDVePU18OBMkdA7XxlrH4Lid7jDDCVtC5eeF7cLkGIU9dodJbRGvxsSHyx1Zy4i_vGNIM-o-C5XGRmhojMF1VzLTMo29tFfUkGXpMR9-0wcbw/https%3A%2F%2Ftwitter.com%2Frgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
