Home

rsyslog

rsyslog is an open-source system logging daemon for Linux and other Unix-like operating systems. It collects, processes, stores, and forwards log messages from local sources and remote hosts. Designed for performance and reliability, rsyslog supports high-volume logging, flexible filtering, and rich output options, making it a popular replacement for traditional syslog daemons.

rsyslog uses a modular architecture built from input, processing, and output modules. Input modules include imuxsock

Configuration is managed through rsyslog.conf and supplemental files in /etc/rsyslog.d. Rulesets define how messages are matched

Common use cases include centralizing logs from multiple hosts to a central server, forwarding events to SIEMs,

rsyslog originated in the early 2000s as a performant alternative to traditional syslog daemons. It is developed

for
Unix
sockets,
imklog
for
kernel
messages,
imudp
and
imtcp
for
UDP/TCP,
and
imjournal
for
connecting
with
systemd
journal.
Message
processing
supports
RFC
5424/3164,
structured
data,
templates,
and
property-based
filtering.
Output
modules
include
omfile
for
file
storage,
omfwd
for
remote
forwarding
(via
TCP,
UDP,
RELP),
and
database
or
cloud
targets.
The
daemon
supports
reliable
queues
(in-memory
and
on-disk),
high-performance
asynchronous
processing,
rate
limiting,
and
secure
transport
with
TLS.
by
facility,
severity,
or
content
and
specify
actions
such
as
file
writes,
remote
forwarding,
or
database
insertion.
Templates
and
property
replacers
control
message
format
and
destination
addressing.
It
can
also
be
integrated
with
systemd's
journald
via
imjournal.
and
exporting
logs
to
databases
or
cloud
services.
rsyslog
is
the
default
syslog
daemon
in
many
Linux
distributions
and
is
compatible
with
standard
syslog
formats
and
RFCs.
It
supports
scalable
deployments
with
persistent
queues
and
centralized
management.
as
an
open-source
project
under
the
GNU
General
Public
License
and
has
evolved
through
multiple
major
releases,
remaining
widely
used
in
enterprise
environments.