rsyslog appears to act on old configuration

Posted by Jeff Lee on Server Fault See other posts from Server Fault or by Jeff Lee
Published on 2012-04-04T22:01:01Z Indexed on 2012/04/04 23:32 UTC
Read the original article Hit count: 256

Filed under:

logging

|

rsyslog

I'm using a template to dynamically generate rsyslog filenames. I've made some changes from my original format, but rsyslog still appears to be using both the new template and the old after restarting.

My filename template went from this:

$template RemoteDailyLog,"/var/log/remote/%hostname%/%$year%/%$month%/%$day%.log"

To this:

$template RemoteDailyLog,"/var/log/remote/%hostname%/%fromhost-ip%/%$year%/%$month%/%$day%.log"

I stopped rsyslogd using service rsyslog stop, deleted all of my log files using rm -rf /var/log/remote/*, and then restarted rsyslogd with service rsyslog start.

The problem is rsyslog seems to be building folder structures of the type "/var/log/remote/%hostname%/%$year%/%$month%/%$day%.log" (i.e., without the remote IP), which no longer appears anywhere in my configuration.

Is it possible that old log or config data have been cached somewhere and are being preserved through the server restart? This is creeping me out a little.

© Server Fault or respective owner

Related posts about logging

log file is not getting created using JDK logging with Commons-logging

as seen on Stack Overflow - Search for 'Stack Overflow'
When I run the TestJcLLoggingService class log messages are coming to Console but no log file is created, please help me if you know the answer. two source files are pasted below. TestJcLLoggingService.java package com.amadeus.psp.pasd.logging; import org.apache.commons.logging.Log; import org… >>> More
Python: combine logging and wx so that logging stream is redirectet to stdout/stderr frame

as seen on Stack Overflow - Search for 'Stack Overflow'
Here's the thing: I'm trying to combine the logging module with wx.App()'s redirect feature. My intention is to log to a file AND to stderr. But I want stderr/stdout redirected to a separate frame as is the feature of wx.App. My test code: import logging import wx class MyFrame(wx.Frame): … >>> More
Python logging before you run logging.basicConfig?

as seen on Stack Overflow - Search for 'Stack Overflow'
It appears that if you invoke logging.info() BEFORE you run logging.basicConfig, the logging.basicConfig call doesn't have any effect. In fact, no logging occurs. Where is this behavior documented? I don't really understand. >>> More
Redirect logging output using custom logging handler

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi Guys, I'm using a module in my python app that writes a lot a of messages using the logging module. Initially I was using this in a console application and it was pretty easy to get the logging output to display on the console using a console handler. Now I've developed a GUI version of my app… >>> More
Java Logger API

as seen on Oracle Blogs - Search for 'Oracle Blogs'
This is a more like a tip rather than technical write up and serves as a quick intro for newbies. The logger API helps to diagnose application level or JDK level issues at runtime. There are 7 levels which decide the detailing in logging (SEVERE, WARNING, INFO, CONFIG, FINE, FINER, FINEST)… >>> More

Related posts about rsyslog

How to start up rsyslog automatically?

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Check current status of rsyslog $ chkconfig --list rsyslog rsyslog 0:off 1:off 2:off 3:off 4:off 5:off 6:off Start up rsyslog at some levels $ sudo chkconfig --level 35 rsyslog on It outputs these information: insserv: warning: script 'plymouth-stop' missing LSB tags… >>> More
rsyslog channels change ownership from root

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Hello all I am using rsyslog on ubuntu 10.4 64bit LTS. the following is the relevant config in /etc/rsyslog.d/60-mylogger.conf $template Paul,"%msg%\n" $outchannel log_rotation_paul,/var/log/paul/events.log,2000,/opt/scripts/log_rotation_script.sh local0.* $log_rotation_paul;Paul This… >>> More
Rsyslog stops sending data to remote server after log rotation

as seen on Server Fault - Search for 'Server Fault'
In my configuration, I have rsyslog who is in charge of following changes of /home/user/my_app/shared/log/unicorn.stderr.log using imfile. The content is sent to another remote logging server using TCP. When the log file rotates, rsyslog stops sending data to the remote server. I tried reloading… >>> More
Does the ``-'' sign have meaning in rsyslog.conf

as seen on Server Fault - Search for 'Server Fault'
Rsyslog is backwards-compatible with Syslog configuration files. The syslog.conf man page has: You may prefix each entry with the minus ``-'' sign to omit syncing the file after every logging. Note that you might lose information if the system crashes right behind a write attempt. Nevertheless… >>> More
Rsyslog to get logs from one machine to another

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi I am very new to this... please help me configure rsyslog to get log from one machine to another machine. I am trying to get the log files from multiple systems to a base system. I have installed rsyslog on Ubuntu and tried configuring it But it did not work >>> More