Rsyslog
Rsyslog is an open source software utility used on UNIX and Unix-like computer systems for forwarding log messages in an IP network. It implements the basic syslog protocol, extends it with content-based filtering, rich filtering capabilities, flexible configuration options and adds important features such as using TCP for transport.

Protocol

Rsyslog uses the quasi-standard BSD syslog protocol, specified in RFC 3164. As the text of RFC 3164 is just a vague informational description and not a standard, various incompatible extensions of it emerged. Rsyslog supports many of these extensions. The format of relayed messages can be customized.

The most important extensions of the original protocol supported by rsyslog are:
  • ISO 8601 timestamp with millisecond granularity and timezone information
  • the addition of the name of relays in the host fields to make it possible to track the path a given message has traversed
  • reliable transport using TCP
  • support for GSS-API and TLS
  • logging directly into various database engines
  • support for the upcoming new IETF syslog RFC series
  • support for buffered operation modes where messages are buffered locally if the receiver is not ready
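
The timestamp extension matters when logs from several hosts are correlated: the classic RFC 3164 stamp carries no year, no sub-second part and no timezone, while the ISO 8601 form carries all three. The following parser is an added example, not part of the original article or of rsyslog itself; it accepts both header forms and decodes the PRI field. The sample lines, the function name and the assumed_year parameter are constructed for illustration.

```python
import re
from datetime import datetime

SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# <PRI>, then the RFC 3164 "Mmm dd hh:mm:ss" stamp or an ISO 8601 stamp,
# then the host field and the rest of the message.
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?:(?P<bsd>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2})"
    r"|(?P<iso>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}"
    r"(?:\.\d{3}(?:\d{3})?)?(?:Z|[+-]\d{2}:\d{2})))"
    r" (?P<host>\S+) (?P<msg>.*)$"
)

def parse_syslog(line, assumed_year=2024):
    """Parse one syslog line; assumed_year fills the gap in RFC 3164 stamps."""
    m = LINE_RE.match(line)
    if m is None:
        raise ValueError("not a recognised syslog header")
    pri = int(m["pri"])
    if pri > 191:  # 24 facilities * 8 severities
        raise ValueError("PRI out of range")
    if m["iso"]:
        # Timezone-aware, sub-second precision preserved.
        ts = datetime.fromisoformat(m["iso"].replace("Z", "+00:00"))
        kind = "iso8601"
    else:
        # Naive result: the sender's zone and the year are unknown.
        ts = datetime.strptime(f"{assumed_year} {m['bsd']}", "%Y %b %d %H:%M:%S")
        kind = "rfc3164"
    return {
        "facility": pri >> 3,
        "severity": SEVERITIES[pri & 7],
        "format": kind,
        "timestamp": ts,
        "host": m["host"],
        "msg": m["msg"],
    }

# Constructed sample lines, one per header form.
SAMPLES = [
    "<34>Oct 11 22:14:15 host1 su: 'su root' failed for user1 on /dev/pts/8",
    "<38>2024-03-05T14:07:09.123456+01:00 host1 sshd[811]: Failed password for user1",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(parse_syslog(sample))
```

A naive timestamp in the result is the signal that the line came in the classic format and needs a year and zone supplied from context before it can be placed on a timeline.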

History

The rsyslog project began in 2004, when Rainer Gerhards, the primary author of rsyslog, decided to write a new strong syslog daemon to compete with syslog-ng because, according to the author, "A new major player will prevent monocultures and provide a rich freedom of choice."
Rainer Gerhards worked on rsyslog inside his own company, Adiscon GmbH.

Distributions

rsyslog is available for a number of Unix systems and Linux distributions, among others:
  • Fedora (in November 2007, rsyslog became the default syslogd for the Fedora project; Fedora was the first major distribution to adopt this software)
  • openSUSE (default since 11.2; November 2009)
  • Debian GNU/Linux (as of Debian 5.0, rsyslog has become the default syslog)
  • Ubuntu
  • Red Hat Enterprise Linux (from RHEL 5)
  • Solaris
  • FreeBSD
  • OpenBSD
  • Gentoo

Related RFCs and working groups

  • RFC 3164 - The BSD syslog Protocol (obsoleted by RFC 5424)
  • RFC 5424 - The Syslog Protocol (obsoletes RFC 3164)
  • RFC 5425 - Transport Layer Security Mapping for Syslog
  • RFC 5426 - Transmission of Syslog Messages over UDP

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 