Hey rsyslog-mailing-list!
I use Rsyslog for many linux server and since a few weeks I noticed strange behavior: Sometimes, rsyslog stops forwarding logs from one host to another. After restarting rsyslog, most of the time it is resolved, but sometimes I even have to change the applied template and reapply it, so that rsyslog is forwarding again. I never had this behavior before, did you have similar bugs in the past? The servers running on Debian 9.4 and rsyslog version is 8.36. Additionally, Logrotate is configured as a cron.daily job. (Which runs early in the morning, but rsyslog stops randomly at ANY time) Attached to this Mail is the config for the forwarder, the listener, and the global config file, I am using at every (forwarding as well as listening) server. Do you spot mistakes which cause this behavior? Thanks for your help! Felix
rsyslog.conf
Description: rsyslog.conf
YYY-tcp-listener-suricata.conf
Description: YYY-tcp-listener-suricata.conf
forward_suricata.conf
Description: forward_suricata.conf
_______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
