FreeBSD

From rsyslog wiki

Jump to: navigation, search

Rsyslog is present in the FreeBSD ports collection: Rsyslog3. In November, 2008, the rsyslog port was updated to version 3.20.2. That brought full support for Kernel logging in FreeBSD.

There is an old port for Rsyslog 2.x.x: Rsyslog2. This port is without maintainer and deprecated.

Please report or cc all the problems you have with rsyslog on FreeBSD to the port's maintainer: miwi@FreeBSD.org

Contents

[edit] Modules

The modules klog, mail, imfile, imtemplate and gnutls come in the main port.

The following modules are packaged as separate ports.

  • sysutils/rsyslog3-libdbi
  • sysutils/rsyslog3-gssapi
    This modules works for FreeBSD 7.0 and above.
  • sysutils/rsyslog3-mysql
  • sysutils/rsyslog3-pgsql
  • sysutils/rsyslog3-relp
  • sysutils/rsyslog3-snmp

There is no port for the rfc3195 module, but it can be installed running make with this argument: 

make CONFIGURE_ARGS+=--enable-rfc3195

The port liblogging must be installed first or the above command will fail.

[edit] Installation

To install rsyslog, just run: 

#cd /usr/ports/sysutils/rsyslog3
#make install clean

[edit] Replacing stock syslogd

You can use the port as a drop-in replacement for stock syslogd. Follow instructions in package message to make it work seamlessly with newsyslog. It also supports chrooted daemons, such as named, in the same way stock syslogd does.

To start using rsyslogd, stop syslogd if it's running: 

/etc/rc.d/syslogd stop

And add the following lines to /etc/rc.conf: 

syslogd_enable="NO"
rsyslogd_enable="YES"

newsyslog has the path of syslogd's pid file hardcoded. To make it work seamlessly with rsyslog, add this: 

rsyslogd_pidfile="/var/run/syslog.pid"

To disable compatibility mode, add this line too: 

rsyslogd_flags="-c3"

Copy /etc/syslog.conf to /usr/local/etc/rsyslog.conf and edit it there, add the following lines to the beginning of the file: 

$ModLoad immark.so   # provides --MARK-- message capability
$ModLoad imuxsock.so # provides support for local system logging
$ModLoad imklog.so   # kernel logging

[edit] Notes

  • The port had been improved and works well for production environments. It still needs some work, like creating an examples directory in /usr/share/example that would contain sql syntax file and a sample configuration.
  • This example was writting for FreeBSD 7.0-RELEASE
  • Note the time this was written: --Cristiano, 28 December 2008
Retrieved from "http://wiki.rsyslog.com/index.php/FreeBSD"
Personal tools
language