rsyslog
Likes 0
Name | rsyslog |
|---|---|
| Website | rsyslog.com |
| license | GPLv3 (GPLv2 for v2 branch) |
| Input Sources | |
| UNIX domain socket | Yes |
| UDP | Yes |
| TCP | Yes |
| RELP | Yes |
| RFC 3195/BEEP | Yes (via im3195) |
| kernel log | Yes |
| file | Yes |
| mark message generator as an optional input | Yes |
| Standard output (stdout) of an application | |
| Named pipe | |
| Handle multi-line messages like Apache Tomcat or Oracle log messages | |
| Windows Event Log | Yes a Windows event logging software such as EventReporter orMonitorWare Agent (both commercial software, both fund rsyslogdevelopment) |
| Network (Protocol) Support | |
| support for (plain) tcp based syslog | Yes |
| support for GSS-API | Yes |
| ability to limit the allowed network senders (syslog ACLs) | Yes |
| support for syslog-transport-tls based framing on syslog/tcp connections | Yes |
| udp syslog | Yes |
| syslog over RELP | Yes |
| truly reliable message delivery (Why is plain tcp syslog not reliable?) | Yes |
| on the wire (zlib) message compression | Yes |
| support for receiving messages via reliable RFC 3195 delivery | Yes |
| support for TLS/SSL-protected syslog | Yes (since 3.19.0)via stunnel |
| support for IETF's new syslog-protocol draft | Yes |
| support for IETF's new syslog-transport-tls draft | Yes (since 3.19.0 - world's first implementation) |
| support for IPv6 | Yes |
| native ability to send SNMP traps | Yes |
| ability to preserve the original hostname in NAT environments and relay chains | Yes |
| Message Filtering | |
| Filtering for syslog facility and priority | Yes |
| Filtering for hostname | Yes |
| Filtering for application | Yes |
| Filtering for message contents | Yes |
| Filtering for sending IP address | Yes |
| ability to filter on any other message field not mentioned above (including substrings and the like) | Yes |
| support for complex filters, using full boolean algebra with and/or/not operators and parenthesis | Yes |
| Support for reusable filters: specify a filter once and use it in multiple selector lines no | |
| support for arbritrary complex arithmetic and string expressions inside filters | Yes |
| ability to use regular expressions in filters | Yes |
| support for discarding messages based on filters | Yes |
| ability to filter out messages based on sequence of appearing | Yes (starting with 3.21.3) |
| powerful BSD-style hostname and program name blocks for easy multi-host support | Yes |
| Supported Database Outputs | |
| MySQL | Yes (native ommysql, omlibdbi) |
| PostgreSQL | Yes (native ompgsql, omlibdbi) |
| Oracle | Yes (omlibdbi) |
| SQLite | Yes (omlibdbi) |
| Microsoft SQL (Open TDS) | Yes (omlibdbi) |
| Sybase (Open TDS) | Yes (omlibdbi) |
| Firebird/Interbase | Yes (omlibdbi) |
| Ingres | Yes (omlibdbi) |
| mSQL | Yes (omlibdbi) |
| Enterprise Features | |
| support for on-demand on-disk spooling of messages | Yes |
| ability to limit disk space used by spool files | Yes |
| each action can use its own, independant set of spool files | Yes |
| different sets of spool files can be placed on different disk | Yes |
| ability to process spooled messages only during a configured timeframe (e.g. only during off-peak hours, during peak hours they are enqueued only) | Yes (can independently be configured for the main queue and each action queue) |
| ability to configure backup syslog/database servers | Yes |
| Professional Support | Yes |
| Config File | |
| config file format | compatible to legacy syslogd but ugly |
| ability to include config file from within other config files | Yes |
| ability to include all config files existing in a specific directory | Yes |
| Extensibility | |
| Functionality split in separately loadable modules | Yes |
| Support for third-party input plugins | Yes |
| Support for third-party output plugins | Yes |
| Other Features | |
| ability to generate file names and directories (log targets) dynamically | Yes |
| control of log output format, including ability to present channel and priority as visible log data | Yes |
| native ability to send mail messages | Yes (ommail, introduced in 3.17.0) |
| good timestamp format control; at a minimum, ISO 8601/RFC 3339 second-resolution UTC zone | Yes |
| ability to reformat message contents and work with substrings | Yes |
| support for log files larger than 2gb | Yes |
| support for log file size limitation and automatic rollover command execution | Yes |
| support for running multiple syslogd instances on a single machine | Yes |
| ability to execute shell scripts on received messages | Yes |
| ability to pipe messages to a continously running program | |
| massively multi-threaded for tomorrow's multi-core machines | Yes |
| ability to control repeated line reduction ("last message repeated n times") on a per selector-line basis | Yes |
| supports multiple actions per selector/filter condition | Yes |
| web interface | phpLogCon [also works with php-syslog-ng] |
| using text files as input source | Yes |
| rate-limiting output actions | Yes |
| discard low-priority messages under system stress | Yes |
| flow control (slow down message reception when system is busy) | Yes (advanced, multiple ways to slow down inputs depending on individual input capabilities, based on watermarks) |
| rewriting messages | Yes |
| output data into various formats | Yes |
| ability to control "message repeated n times" generation | Yes |
| supported platforms Linux, BSD, anecdotical seen on Solaris; compilation and basic testing done on HP UX | |
| DNS cache | Yes |
| Windows Event Log containers / log files (via separate agent application) | |
| Latest version | 7.2.6 stable (March 2013) |
User reviews and comments