From f2f85fcf446dcfb8ca9a21dff6a292bf7f68607f Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 27 Sep 2012 18:38:53 +0200 Subject: fix whitespace issue --- plugins/imfile/imfile.c | 1 - 1 file changed, 1 deletion(-) diff --git a/plugins/imfile/imfile.c b/plugins/imfile/imfile.c index 462a5e78..453b6b05 100644 --- a/plugins/imfile/imfile.c +++ b/plugins/imfile/imfile.c @@ -562,7 +562,6 @@ finalize_it: ENDsetModCnf - BEGINendCnfLoad CODESTARTendCnfLoad if(!loadModConf->configSetViaV2Method) { -- cgit v1.2.3 From 5347e87dca36d4c125832b2ef52f16c6d3a9fb83 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 27 Sep 2012 18:47:51 +0200 Subject: imptcp: implement support for module() parameters --- plugins/imptcp/imptcp.c | 77 ++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 70 insertions(+), 7 deletions(-) diff --git a/plugins/imptcp/imptcp.c b/plugins/imptcp/imptcp.c index 9992ee20..a13fd990 100644 --- a/plugins/imptcp/imptcp.c +++ b/plugins/imptcp/imptcp.c @@ -90,6 +90,8 @@ DEFobjCurrIf(statsobj) /* forward references */ static void * wrkr(void *myself); +#define DFLT_wrkrMax 2 + /* config settings */ typedef struct configSettings_s { int bKeepAlive; /* support keep-alive packets */ @@ -127,11 +129,22 @@ struct modConfData_s { rsconf_t *pConf; /* our overall config object */ instanceConf_t *root, *tail; int wrkrMax; + sbool configSetViaV2Method; }; static modConfData_t *loadModConf = NULL;/* modConf ptr to use for the current load process */ static modConfData_t *runModConf = NULL;/* modConf ptr to use for the current load process */ +/* module-global parameters */ +static struct cnfparamdescr modpdescr[] = { + { "threads", eCmdHdlrPositiveInt, 0 } +}; +static struct cnfparamblk modpblk = + { CNFPARAMBLK_VERSION, + sizeof(modpdescr)/sizeof(struct cnfparamdescr), + modpdescr + }; + /* input instance parameters */ static struct cnfparamdescr inppdescr[] = { { "port", eCmdHdlrString, CNFPARAM_REQUIRED }, /* legacy: InputTCPServerRun */ @@ -153,6 +166,8 @@ static struct cnfparamblk inppblk = }; #include "im-helper.h" /* must be included AFTER the type definitions! */ +static int bLegacyCnfModGlobalsPermitted;/* are legacy module-global config parameters permitted? */ + /* data elements describing our running config */ typedef struct ptcpsrv_s ptcpsrv_t; typedef struct ptcplstn_s ptcplstn_t; @@ -832,7 +847,7 @@ static inline void initConfigSettings(void) { cs.bEmitMsgOnClose = 0; - cs.wrkrMax = 2; + cs.wrkrMax = DFLT_wrkrMax; cs.bSuppOctetFram = 1; cs.iAddtlFrameDelim = TCPSRV_NO_ADDTL_DELIMITER; cs.pszInputName = NULL; @@ -1152,6 +1167,7 @@ startWorkerPool(void) wrkrRunning = 0; if(runModConf->wrkrMax > 16) runModConf->wrkrMax = 16; /* TODO: make dynamic? */ + DBGPRINTF("imptcp: starting worker pool, %d workers\n", runModConf->wrkrMax); pthread_mutex_init(&wrkrMut, NULL); pthread_cond_init(&wrkrIdle, NULL); for(i = 0 ; i < runModConf->wrkrMax ; ++i) { @@ -1170,6 +1186,7 @@ static inline void stopWorkerPool(void) { int i; + DBGPRINTF("imptcp: stoping worker pool\n"); for(i = 0 ; i < runModConf->wrkrMax ; ++i) { pthread_cond_signal(&wrkrInfo[i].run); /* awake wrkr if not running */ pthread_join(wrkrInfo[i].tid, NULL); @@ -1178,7 +1195,6 @@ stopWorkerPool(void) } pthread_cond_destroy(&wrkrIdle); pthread_mutex_destroy(&wrkrMut); - } @@ -1455,15 +1471,60 @@ BEGINbeginCnfLoad CODESTARTbeginCnfLoad loadModConf = pModConf; pModConf->pConf = pConf; + /* init our settings */ + loadModConf->wrkrMax = DFLT_wrkrMax; + loadModConf->configSetViaV2Method = 0; + bLegacyCnfModGlobalsPermitted = 1; /* init legacy config vars */ initConfigSettings(); ENDbeginCnfLoad +BEGINsetModCnf + struct cnfparamvals *pvals = NULL; + int i; +CODESTARTsetModCnf + pvals = nvlstGetParams(lst, &modpblk, NULL); + if(pvals == NULL) { + errmsg.LogError(0, RS_RET_MISSING_CNFPARAMS, "imptcp: error processing module " + "config parameters [module(...)]"); + ABORT_FINALIZE(RS_RET_MISSING_CNFPARAMS); + } + + if(Debug) { + dbgprintf("module (global) param blk for imptcp:\n"); + cnfparamsPrint(&modpblk, pvals); + } + + for(i = 0 ; i < modpblk.nParams ; ++i) { + if(!pvals[i].bUsed) + continue; + if(!strcmp(modpblk.descr[i].name, "threads")) { + loadModConf->wrkrMax = (int) pvals[i].val.d.n; + } else { + dbgprintf("imptcp: program error, non-handled " + "param '%s' in beginCnfLoad\n", modpblk.descr[i].name); + } + } + + /* remove all of our legacy handlers, as they can not used in addition + * the the new-style config method. + */ + bLegacyCnfModGlobalsPermitted = 0; + loadModConf->configSetViaV2Method = 1; + +finalize_it: + if(pvals != NULL) + cnfparamvalsDestruct(pvals, &modpblk); +ENDsetModCnf + + BEGINendCnfLoad CODESTARTendCnfLoad - /* persist module-specific settings from legacy config system */ - loadModConf->wrkrMax = cs.wrkrMax; + if(!loadModConf->configSetViaV2Method) { + /* persist module-specific settings from legacy config system */ + loadModConf->wrkrMax = cs.wrkrMax; + } loadModConf = NULL; /* done loading */ /* free legacy config vars */ @@ -1647,7 +1708,7 @@ static rsRetVal resetConfigVariables(uchar __attribute__((unused)) *pp, void __attribute__((unused)) *pVal) { cs.bEmitMsgOnClose = 0; - cs.wrkrMax = 2; + cs.wrkrMax = DFLT_wrkrMax; cs.bKeepAlive = 0; cs.iKeepAliveProbes = 0; cs.iKeepAliveTime = 0; @@ -1673,6 +1734,7 @@ BEGINqueryEtryPt CODESTARTqueryEtryPt CODEqueryEtryPt_STD_IMOD_QUERIES CODEqueryEtryPt_STD_CONF2_QUERIES +CODEqueryEtryPt_STD_CONF2_setModCnf_QUERIES CODEqueryEtryPt_STD_CONF2_PREPRIVDROP_QUERIES CODEqueryEtryPt_STD_CONF2_IMOD_QUERIES CODEqueryEtryPt_IsCompatibleWithFeature_IF_OMOD_QUERIES @@ -1716,14 +1778,15 @@ CODEmodInit_QueryRegCFSLineHdlr eCmdHdlrBinary, NULL, &cs.bEmitMsgOnClose, STD_LOADABLE_MODULE_ID)); CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputptcpserveraddtlframedelimiter"), 0, eCmdHdlrInt, NULL, &cs.iAddtlFrameDelim, STD_LOADABLE_MODULE_ID)); - CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputptcpserverhelperthreads"), 0, eCmdHdlrInt, - NULL, &cs.wrkrMax, STD_LOADABLE_MODULE_ID)); CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputptcpserverinputname"), 0, eCmdHdlrGetWord, NULL, &cs.pszInputName, STD_LOADABLE_MODULE_ID)); CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputptcpserverlistenip"), 0, eCmdHdlrGetWord, NULL, &cs.lstnIP, STD_LOADABLE_MODULE_ID)); CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputptcpserverbindruleset"), 0, eCmdHdlrGetWord, NULL, &cs.pszBindRuleset, STD_LOADABLE_MODULE_ID)); + /* module-global parameters */ + CHKiRet(regCfSysLineHdlr2(UCHAR_CONSTANT("inputptcpserverhelperthreads"), 0, eCmdHdlrInt, + NULL, &cs.wrkrMax, STD_LOADABLE_MODULE_ID, &bLegacyCnfModGlobalsPermitted)); CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("resetconfigvariables"), 1, eCmdHdlrCustomHandler, resetConfigVariables, NULL, STD_LOADABLE_MODULE_ID)); ENDmodInit -- cgit v1.2.3 From 43da91636a5d8f60c21f1795d25fb0755e356d9f Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 28 Sep 2012 08:09:47 +0200 Subject: imtcp: implement support for module() parameters --- plugins/imtcp/imtcp.c | 173 +++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 135 insertions(+), 38 deletions(-) diff --git a/plugins/imtcp/imtcp.c b/plugins/imtcp/imtcp.c index a00d4ebe..3ad03615 100644 --- a/plugins/imtcp/imtcp.c +++ b/plugins/imtcp/imtcp.c @@ -123,11 +123,31 @@ struct modConfData_s { sbool bKeepAlive; sbool bEmitMsgOnClose; /* emit an informational message on close by remote peer */ uchar *pszStrmDrvrAuthMode; /* authentication mode to use */ + sbool configSetViaV2Method; }; static modConfData_t *loadModConf = NULL;/* modConf ptr to use for the current load process */ static modConfData_t *runModConf = NULL;/* modConf ptr to use for the current load process */ +/* module-global parameters */ +static struct cnfparamdescr modpdescr[] = { + { "flowcontrol", eCmdHdlrBinary, 0 }, + { "disablelfdelimiter", eCmdHdlrBinary, 0 }, + { "octetcountedframing", eCmdHdlrBinary, 0 }, + { "notifyonconnectionclose", eCmdHdlrBinary, 0 }, + { "addtlframedelimiter", eCmdHdlrPositiveInt, 0 }, + { "maxsessions", eCmdHdlrPositiveInt, 0 }, + { "maxlistners", eCmdHdlrPositiveInt, 0 }, + { "streamdriver.mode", eCmdHdlrPositiveInt, 0 }, + { "streamdriver.authmode", eCmdHdlrString, 0 }, + { "keepalive", eCmdHdlrBinary, 0 } +}; +static struct cnfparamblk modpblk = + { CNFPARAMBLK_VERSION, + sizeof(modpdescr)/sizeof(struct cnfparamdescr), + modpdescr + }; + /* input instance parameters */ static struct cnfparamdescr inppdescr[] = { { "port", eCmdHdlrString, CNFPARAM_REQUIRED }, /* legacy: InputTCPServerRun */ @@ -143,6 +163,8 @@ static struct cnfparamblk inppblk = #include "im-helper.h" /* must be included AFTER the type definitions! */ +static int bLegacyCnfModGlobalsPermitted;/* are legacy module-global config parameters permitted? */ + /* callbacks */ /* this shall go into a specific ACL module! */ static int @@ -242,8 +264,6 @@ finalize_it: } - - /* This function is called when a new listener instace shall be added to * the current config object via the legacy config system. It just shuffles * all parameters to the listener in-memory instance. @@ -369,30 +389,103 @@ BEGINbeginCnfLoad CODESTARTbeginCnfLoad loadModConf = pModConf; pModConf->pConf = pConf; + /* init our settings */ + loadModConf->iTCPSessMax = 200; + loadModConf->iTCPLstnMax = 20; + loadModConf->bSuppOctetFram = 1; + loadModConf->iStrmDrvrMode = 0; + loadModConf->bUseFlowControl = 0; + loadModConf->bKeepAlive = 0; + loadModConf->bEmitMsgOnClose = 0; + loadModConf->iAddtlFrameDelim = TCPSRV_NO_ADDTL_DELIMITER; + loadModConf->bDisableLFDelim = 0; + loadModConf->pszStrmDrvrAuthMode = NULL; + loadModConf->configSetViaV2Method = 0; + bLegacyCnfModGlobalsPermitted = 1; /* init legacy config variables */ cs.pszStrmDrvrAuthMode = NULL; resetConfigVariables(NULL, NULL); /* dummy parameters just to fulfill interface def */ ENDbeginCnfLoad +BEGINsetModCnf + struct cnfparamvals *pvals = NULL; + int i; +CODESTARTsetModCnf + pvals = nvlstGetParams(lst, &modpblk, NULL); + if(pvals == NULL) { + errmsg.LogError(0, RS_RET_MISSING_CNFPARAMS, "imtcp: error processing module " + "config parameters [module(...)]"); + ABORT_FINALIZE(RS_RET_MISSING_CNFPARAMS); + } + + if(Debug) { + dbgprintf("module (global) param blk for imtcp:\n"); + cnfparamsPrint(&modpblk, pvals); + } + + for(i = 0 ; i < modpblk.nParams ; ++i) { + if(!pvals[i].bUsed) + continue; + if(!strcmp(modpblk.descr[i].name, "flowcontrol")) { + loadModConf->bUseFlowControl = (int) pvals[i].val.d.n; + } else if(!strcmp(modpblk.descr[i].name, "disablelfdelimiter")) { + loadModConf->bDisableLFDelim = (int) pvals[i].val.d.n; + } else if(!strcmp(modpblk.descr[i].name, "octetcountedframing")) { + loadModConf->bSuppOctetFram = (int) pvals[i].val.d.n; + } else if(!strcmp(modpblk.descr[i].name, "notifyonconnectionclose")) { + loadModConf->bEmitMsgOnClose = (int) pvals[i].val.d.n; + } else if(!strcmp(modpblk.descr[i].name, "addtlframedelimiter")) { + loadModConf->iAddtlFrameDelim = (int) pvals[i].val.d.n; + } else if(!strcmp(modpblk.descr[i].name, "maxsessions")) { + loadModConf->iTCPSessMax = (int) pvals[i].val.d.n; + } else if(!strcmp(modpblk.descr[i].name, "maxlistners")) { + loadModConf->iTCPLstnMax = (int) pvals[i].val.d.n; + } else if(!strcmp(modpblk.descr[i].name, "keepalive")) { + loadModConf->bKeepAlive = (int) pvals[i].val.d.n; + } else if(!strcmp(modpblk.descr[i].name, "streamdriver.mode")) { + loadModConf->iStrmDrvrMode = (int) pvals[i].val.d.n; + } else if(!strcmp(modpblk.descr[i].name, "streamdriver.mode")) { + loadModConf->pszStrmDrvrAuthMode = (uchar*)es_str2cstr(pvals[i].val.d.estr, NULL); + } else { + dbgprintf("imtcp: program error, non-handled " + "param '%s' in beginCnfLoad\n", modpblk.descr[i].name); + } + } + + /* remove all of our legacy handlers, as they can not used in addition + * the the new-style config method. + */ + bLegacyCnfModGlobalsPermitted = 0; + loadModConf->configSetViaV2Method = 1; + +finalize_it: + if(pvals != NULL) + cnfparamvalsDestruct(pvals, &modpblk); +ENDsetModCnf + + BEGINendCnfLoad CODESTARTendCnfLoad - /* persist module-specific settings from legacy config system */ - pModConf->iTCPSessMax = cs.iTCPSessMax; - pModConf->iTCPLstnMax = cs.iTCPLstnMax; - pModConf->iStrmDrvrMode = cs.iStrmDrvrMode; - pModConf->bEmitMsgOnClose = cs.bEmitMsgOnClose; - pModConf->bSuppOctetFram = cs.bSuppOctetFram; - pModConf->iAddtlFrameDelim = cs.iAddtlFrameDelim; - pModConf->bDisableLFDelim = cs.bDisableLFDelim; - pModConf->bUseFlowControl = cs.bUseFlowControl; - pModConf->bKeepAlive = cs.bKeepAlive; - if((cs.pszStrmDrvrAuthMode == NULL) || (cs.pszStrmDrvrAuthMode[0] == '\0')) { - loadModConf->pszStrmDrvrAuthMode = NULL; - free(cs.pszStrmDrvrAuthMode); - } else { - loadModConf->pszStrmDrvrAuthMode = cs.pszStrmDrvrAuthMode; + if(!loadModConf->configSetViaV2Method) { + /* persist module-specific settings from legacy config system */ + pModConf->iTCPSessMax = cs.iTCPSessMax; + pModConf->iTCPLstnMax = cs.iTCPLstnMax; + pModConf->iStrmDrvrMode = cs.iStrmDrvrMode; + pModConf->bEmitMsgOnClose = cs.bEmitMsgOnClose; + pModConf->bSuppOctetFram = cs.bSuppOctetFram; + pModConf->iAddtlFrameDelim = cs.iAddtlFrameDelim; + pModConf->bDisableLFDelim = cs.bDisableLFDelim; + pModConf->bUseFlowControl = cs.bUseFlowControl; + pModConf->bKeepAlive = cs.bKeepAlive; + if((cs.pszStrmDrvrAuthMode == NULL) || (cs.pszStrmDrvrAuthMode[0] == '\0')) { + loadModConf->pszStrmDrvrAuthMode = NULL; + } else { + loadModConf->pszStrmDrvrAuthMode = cs.pszStrmDrvrAuthMode; + } } + if((cs.pszStrmDrvrAuthMode == NULL) || (cs.pszStrmDrvrAuthMode[0] == '\0')) + free(cs.pszStrmDrvrAuthMode); cs.pszStrmDrvrAuthMode = NULL; loadModConf = NULL; /* done loading */ @@ -527,6 +620,7 @@ BEGINqueryEtryPt CODESTARTqueryEtryPt CODEqueryEtryPt_STD_IMOD_QUERIES CODEqueryEtryPt_STD_CONF2_QUERIES +CODEqueryEtryPt_STD_CONF2_setModCnf_QUERIES CODEqueryEtryPt_STD_CONF2_PREPRIVDROP_QUERIES CODEqueryEtryPt_STD_CONF2_IMOD_QUERIES CODEqueryEtryPt_IsCompatibleWithFeature_IF_OMOD_QUERIES @@ -549,36 +643,39 @@ CODEmodInit_QueryRegCFSLineHdlr /* register config file handlers */ CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputtcpserverrun"), 0, eCmdHdlrGetWord, addInstance, NULL, STD_LOADABLE_MODULE_ID)); - CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputtcpserverkeepalive"), 0, eCmdHdlrBinary, - NULL, &cs.bKeepAlive, STD_LOADABLE_MODULE_ID)); - CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputtcpserversupportoctetcountedframing"), 0, eCmdHdlrBinary, - NULL, &cs.bSuppOctetFram, STD_LOADABLE_MODULE_ID)); - CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputtcpmaxsessions"), 0, eCmdHdlrInt, - NULL, &cs.iTCPSessMax, STD_LOADABLE_MODULE_ID)); - CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputtcpmaxlisteners"), 0, eCmdHdlrInt, - NULL, &cs.iTCPLstnMax, STD_LOADABLE_MODULE_ID)); - CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputtcpservernotifyonconnectionclose"), 0, eCmdHdlrBinary, - NULL, &cs.bEmitMsgOnClose, STD_LOADABLE_MODULE_ID)); - CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputtcpserverstreamdrivermode"), 0, eCmdHdlrInt, - NULL, &cs.iStrmDrvrMode, STD_LOADABLE_MODULE_ID)); - CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputtcpserverstreamdriverauthmode"), 0, eCmdHdlrGetWord, - NULL, &cs.pszStrmDrvrAuthMode, STD_LOADABLE_MODULE_ID)); CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputtcpserverstreamdriverpermittedpeer"), 0, eCmdHdlrGetWord, setPermittedPeer, NULL, STD_LOADABLE_MODULE_ID)); - CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputtcpserveraddtlframedelimiter"), 0, eCmdHdlrInt, - NULL, &cs.iAddtlFrameDelim, STD_LOADABLE_MODULE_ID)); - CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputtcpserverdisablelfdelimiter"), 0, eCmdHdlrBinary, - NULL, &cs.bDisableLFDelim, STD_LOADABLE_MODULE_ID)); CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputtcpserverinputname"), 0, eCmdHdlrGetWord, NULL, &cs.pszInputName, STD_LOADABLE_MODULE_ID)); CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputtcpserverbindruleset"), 0, eCmdHdlrGetWord, NULL, &cs.pszBindRuleset, STD_LOADABLE_MODULE_ID)); - CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("inputtcpflowcontrol"), 0, eCmdHdlrBinary, - NULL, &cs.bUseFlowControl, STD_LOADABLE_MODULE_ID)); + /* module-global config params - will be disabled in configs that are loaded + * via module(...). + */ + CHKiRet(regCfSysLineHdlr2(UCHAR_CONSTANT("inputtcpserverstreamdriverauthmode"), 0, eCmdHdlrGetWord, + NULL, &cs.pszStrmDrvrAuthMode, STD_LOADABLE_MODULE_ID, &bLegacyCnfModGlobalsPermitted)); + CHKiRet(regCfSysLineHdlr2(UCHAR_CONSTANT("inputtcpserverkeepalive"), 0, eCmdHdlrBinary, + NULL, &cs.bKeepAlive, STD_LOADABLE_MODULE_ID, &bLegacyCnfModGlobalsPermitted)); + CHKiRet(regCfSysLineHdlr2(UCHAR_CONSTANT("inputtcpflowcontrol"), 0, eCmdHdlrBinary, + NULL, &cs.bUseFlowControl, STD_LOADABLE_MODULE_ID, &bLegacyCnfModGlobalsPermitted)); + CHKiRet(regCfSysLineHdlr2(UCHAR_CONSTANT("inputtcpserverdisablelfdelimiter"), 0, eCmdHdlrBinary, + NULL, &cs.bDisableLFDelim, STD_LOADABLE_MODULE_ID, &bLegacyCnfModGlobalsPermitted)); + CHKiRet(regCfSysLineHdlr2(UCHAR_CONSTANT("inputtcpserveraddtlframedelimiter"), 0, eCmdHdlrInt, + NULL, &cs.iAddtlFrameDelim, STD_LOADABLE_MODULE_ID, &bLegacyCnfModGlobalsPermitted)); + CHKiRet(regCfSysLineHdlr2(UCHAR_CONSTANT("inputtcpserversupportoctetcountedframing"), 0, eCmdHdlrBinary, + NULL, &cs.bSuppOctetFram, STD_LOADABLE_MODULE_ID, &bLegacyCnfModGlobalsPermitted)); + CHKiRet(regCfSysLineHdlr2(UCHAR_CONSTANT("inputtcpmaxsessions"), 0, eCmdHdlrInt, + NULL, &cs.iTCPSessMax, STD_LOADABLE_MODULE_ID, &bLegacyCnfModGlobalsPermitted)); + CHKiRet(regCfSysLineHdlr2(UCHAR_CONSTANT("inputtcpmaxlisteners"), 0, eCmdHdlrInt, + NULL, &cs.iTCPLstnMax, STD_LOADABLE_MODULE_ID, &bLegacyCnfModGlobalsPermitted)); + CHKiRet(regCfSysLineHdlr2(UCHAR_CONSTANT("inputtcpservernotifyonconnectionclose"), 0, eCmdHdlrBinary, + NULL, &cs.bEmitMsgOnClose, STD_LOADABLE_MODULE_ID, &bLegacyCnfModGlobalsPermitted)); + CHKiRet(regCfSysLineHdlr2(UCHAR_CONSTANT("inputtcpserverstreamdrivermode"), 0, eCmdHdlrInt, + NULL, &cs.iStrmDrvrMode, STD_LOADABLE_MODULE_ID, &bLegacyCnfModGlobalsPermitted)); + CHKiRet(omsdRegCFSLineHdlr(UCHAR_CONSTANT("resetconfigvariables"), 1, eCmdHdlrCustomHandler, resetConfigVariables, NULL, STD_LOADABLE_MODULE_ID)); ENDmodInit - /* vim:set ai: */ -- cgit v1.2.3 From cf0fd87e17db12dd28edd260d02d0e5aa96deb71 Mon Sep 17 00:00:00 2001 From: Florian Riedl Date: Fri, 28 Sep 2012 08:24:13 +0200 Subject: doc: update module doc to new config format --- doc/imfile.html | 137 ++++++++++++++++++++++++++++++--------- doc/imptcp.html | 70 ++++++++++++++++---- doc/imrelp.html | 28 +++++++- doc/imudp.html | 55 ++++++++++++---- doc/imuxsock.html | 190 ++++++++++++++++++++++++++++++++++++++++-------------- 5 files changed, 373 insertions(+), 107 deletions(-) diff --git a/doc/imfile.html b/doc/imfile.html index 7961729b..1594cdce 100644 --- a/doc/imfile.html +++ b/doc/imfile.html @@ -36,17 +36,40 @@ file names in the future.

Multiple files may be monitored by specifying $InputRunFileMonitor multiple times.

+

Configuration Directives:

+

Module Directives

    -
  • $InputFileName /path/to/file
    +
  • PollingInterval +seconds
    +This is a global setting. It specifies how often files are to be polled +for new data. The time specified is in seconds. The default value is 10 +seconds. Please note that future +releases of imfile may support per-file polling intervals, but +currently this is not the case. If multiple PollingInterval +statements are present in rsyslog.conf, only the last one is used.
    +A short poll interval provides more rapid message forwarding, but +requires more system ressources. While it is possible, we stongly +recommend not to set the polling interval to 0 seconds. That will make +rsyslogd become a CPU hog, taking up considerable ressources. It is +supported, however, for the few very unusual situations where this +level may be needed. Even if you need quick response, 1 seconds should +be well enough. Please note that imfile keeps reading files as long as +there is any data in them. So a "polling sleep" will only happen when +nothing is left to be processed.
    • +
+ +

Action Directives

+
    +
  • File /path/to/file
    The file being monitored. So far, this must be an absolute name (no macros or templates)
    • -
  • $InputFileTag +
  • Tag tag:
    The tag to be used for messages that originate from this file. If you would like to see the colon after the tag, you need to specify it here (as shown above).
    • -
  • $InputFileStateFile +
  • StateFile <name-of-state-file>
    Rsyslog must keep track of which parts of the to be monitored file it already processed. This is done in the state file. This file always is @@ -55,40 +78,19 @@ $WorkDirectory). Be careful to use unique names for different files being monitored. If there are duplicates, all sorts of "interesting" things may happen. Rsyslog currently does not check if a name is specified multiple times.
    • -
  • $InputFileFacility +
  • Facility facility
    The syslog facility to be assigned to lines read. Can be specified in textual form (e.g. "local0", "local1", ...) or as numbers (e.g. 128 for "local0"). Textual form is suggested. Default  is "local0".
    • -
  • $InputFileSeverity
    +
  • Severity
    The syslog severity to be assigned to lines read. Can be specified in textual form (e.g. "info", "warning", ...) or as numbers (e.g. 4 for "info"). Textual form is suggested. Default is "notice".
    • -
  • $InputRunFileMonitor
    -This activates -the current monitor. It has no parameters. If you forget this -directive, no file monitoring will take place.
    • -
  • $InputFilePollInterval -seconds
    -This is a global setting. It specifies how often files are to be polled -for new data. The time specified is in seconds. The default value is 10 -seconds. Please note that future -releases of imfile may support per-file polling intervals, but -currently this is not the case. If multiple $InputFilePollInterval -statements are present in rsyslog.conf, only the last one is used.
    -A short poll interval provides more rapid message forwarding, but -requires more system ressources. While it is possible, we stongly -recommend not to set the polling interval to 0 seconds. That will make -rsyslogd become a CPU hog, taking up considerable ressources. It is -supported, however, for the few very unusual situations where this -level may be needed. Even if you need quick response, 1 seconds should -be well enough. Please note that imfile keeps reading files as long as -there is any data in them. So a "polling sleep" will only happen when -nothing is left to be processed.
    • -
  • $InputFilePersistStateInterval [lines]
    +
  • PersistStateInterval [lines]
    Available in 4.7.3+, 5.6.2+
    Specifies how often the state file shall be written when processing the input file. The default value is 0, which means a new state file is only written when @@ -98,9 +100,9 @@ been processed. This setting can be used to guard against message duplication du to fatal errors (like power fail). Note that this setting affects imfile performance, especially when set to a low value. Frequently writing the state file is very time consuming. -
  • $InputFileReadMode [mode]
    +
  • ReadMode [mode]
    Available in 5.7.5+ -
  • $InputFileMaxLinesAtOnce [number]
    +
  • MaxLinesAtOnce [number]
    Available in 5.9.0+
    This is useful if multiple files need to be monitored. If set to 0, each file @@ -109,8 +111,16 @@ will be fully processed and then processing switches to the next file [number] lines is processed in sequence for each file, and then the file is switched. This provides a kind of mutiplexing the load of multiple files and probably leads to a more natural distribution of events when multiple busy files -are monitored. The default is 10240. -
  • $InputFileBindRuleset <ruleset>
    +are monitored. The default is 1024. +
  • MaxSubmitAtOnce [number]
    +Available in 5.9.0+ +
    +This is an expert option. It can be used to set the maximum input batch size that +imfile can generate. The default is 1024, which is suitable for a wide range of +applications. Be sure to understand rsyslog message batch processing before you +modify this option. If you do not know what this doc here talks about, this is a +good indication that you should NOT modify the default. +
  • Ruleset <ruleset>
    Available in 5.7.5+, 6.1.5+ Binds the listener to a specific ruleset.
@@ -132,6 +142,71 @@ your distro puts rsyslog's config files). Note that only commands actually needed need to be specified. The second file uses less commands and uses defaults instead.

+ + + +

Legacy Configuration Directives:

+
    +
  • $InputFileName /path/to/file
    +equivalent to: File
    • +
  • $InputFileTag +tag:
    +equivalent to: Tag
    • +
  • $InputFileStateFile +<name-of-state-file>
    +equivalent to: StateFile
    • +
  • $InputFileFacility +facility
    +equivalent to: Facility
    • +
  • $InputFileSeverity
    +equivalent to: Severity
    • +
  • $InputRunFileMonitor
    +This activates +the current monitor. It has no parameters. If you forget this +directive, no file monitoring will take place.
    • +
  • $InputFilePollInterval +seconds
    +equivalent to: PollingInterva
    • +
  • $InputFilePersistStateInterval [lines]
    +equivalent to: PersistStateInterval +
  • $InputFileReadMode [mode]
    +equivalent to: ReadMode +
  • $InputFileMaxLinesAtOnce [number]
    +equivalent to: MaxLinesAtOnce +
  • $InputFileBindRuleset <ruleset>
    +equivalent to: Ruleset
    • +
+Caveats/Known Bugs: +

So far, only 100 files can be monitored. If more are needed, +the source needs to be patched. See define MAX_INPUT_FILES in imfile.c

Powertop +users may want to notice that imfile utilizes polling. Thus, it is no +good citizen when it comes to conserving system power consumption. We +are currently evaluating to move to inotify(). However, there are a +number of subtle issues, which needs to be worked out first. We will +make the change as soon as we can. If you can afford it, we recommend +using a long polling interval in the mean time. +

+

Sample:

+

The following sample monitors two files. If you need just one, +remove the second one. If you need more, add them according to the +sample ;). This code must be placed in /etc/rsyslog.conf (or wherever +your distro puts rsyslog's config files). Note that only commands +actually needed need to be specified. The second file uses less +commands and uses defaults instead.
+

+ +

Legacy Configuration Directives:

+

This plugin has config directives similar named as imtcp, but they all have PTCP in +their name instead of just TCP. Note that only a subset of the parameters are supported. +

    +
  • $InputPTCPServerAddtlFrameDelimiter <Delimiter>
    +Equivalent to: AddTLFrameDelimiter
    • +
  • $InputPTCPSupportOctetCountedFraming <on|off>
    +Equivalent to: SupportOctetCountedFraming +
    • +
  • $InputPTCPServerNotifyOnConnectionClose [on/off]
    +Equivalent to: ServerNotifyOnConnectionClose.
    • +
  • $InputPTCPServerKeepAlive <on/off>
    +Equivalent to: KeepAlive
    • +
  • $InputPTCPServerKeepAlive_probes <number>
    +Equivalent to: KeepAlive.Probes
    • +
  • $InputPTCPServerKeepAlive_intvl <number>
    +Equivalent to: KeepAlive.Interval
    • +
  • $InputPTCPServerKeepAlive_time <number>
    +Equivalent to: KeepAlive.Time
    • +
  • $InputPTCPServerRun <port>
    +Equivalent to: Port
    • +
  • $InputPTCPServerInputName <name>
    +Equivalent to: Name
    • +
  • $InputPTCPServerBindRuleset <name>
    +Equivalent to: Ruleset
  • $InputPTCPHelperThreads <number>
    Number of helper worker threads to process incoming messages. These threads are utilized to pull data off the network. On a busy system, additional helper threads (but not more than there are CPUs/Cores) can help improving performance. The default value is two.
  • $InputPTCPServerListenIP <name>
    -On multi-homed machines, specifies to which local address the next listerner should -be bound. +Equivalent to: Address
Caveats/Known Bugs:
    diff --git a/doc/imrelp.html b/doc/imrelp.html index d83b2a15..80ddfd53 100644 --- a/doc/imrelp.html +++ b/doc/imrelp.html @@ -27,11 +27,12 @@ scenarios also exists with plain tcp syslog. RELP, even with the small nits outlined above, is a much more reliable solution than plain tcp syslog and so it is highly suggested to use RELP instead of plain tcp. Clients send messages to the RELP server via omrelp.

    +

    Configuration Directives:

      -
    • InputRELPServerBindRuleset <name> (available in 6.3.6+)
      +
    • Ruleset <name> (available in 6.3.6+)
      Binds the specified ruleset to all RELP listeners. -
    • InputRELPServerRun <port>
      +
    • Port <port>
      Starts a RELP server on selected port
    Caveats/Known Bugs: @@ -46,6 +47,29 @@ not specific ones. This is due to a currently existing limitation in librelp.

    Sample:

    This sets up a RELP server on port 20514.

    + + +

    Legacy Configuration Directives:

    +
      +
    • InputRELPServerBindRuleset <name> (available in 6.3.6+)
      +equivalent to: RuleSet +
    • InputRELPServerRun <port>
      +equivalent to: Port
      • +
    +Caveats/Known Bugs: +
      +
    • see description
      • +
    • To obtain the remote system's IP address, you need to have at least +librelp 1.0.0 installed. Versions below it return the hostname instead +of the IP address.
      • +
    • Contrary to other inputs, the ruleset can only be bound to all listeners, +not specific ones. This is due to a currently existing limitation in librelp. +
    +

    Sample:

    +

    This sets up a RELP server on port 20514.
    +

    diff --git a/doc/imudp.html b/doc/imudp.html index ea985b60..3512d474 100644 --- a/doc/imudp.html +++ b/doc/imudp.html @@ -15,16 +15,13 @@

    Description:

    Provides the ability to receive syslog messages via UDP.

    Multiple receivers may be configured by specifying -$UDPServerRun multiple times. +multiple input actions.

    +

    Configuration Directives:

    +

    Global Directives:

      -
    • $UDPServerAddress <IP>
      -local IP address (or name) the UDP listens should bind to
      • -
    • $UDPServerRun <port>
      -former -r<port> option, default 514, start UDP server on this -port, "*" means all addresses
      • -
    • $UDPServerTimeRequery <nbr-of-times>
      +
    • TimeRequery <nbr-of-times>
      this is a performance optimization. Getting the system time is very costly. With this setting, imudp can be instructed to obtain the precise time only once every n-times. This logic is @@ -33,15 +30,51 @@ time calls should usually be acceptable. The default value is two, because we ha seen that even without optimization the kernel often returns twice the identical time. You can set this value as high as you like, but do so at your own risk. The higher the value, the less precise the timestamp. -
    • $InputUDPServerBindRuleset <ruleset>
      -Binds the listener to a specific ruleset.
      • -
    • $IMUDPSchedulingPolicy <rr/fifo/other>
      +
    • SchedulingPolicy <rr/fifo/other>
      Can be used the set the scheduler priority, if the necessary functionality is provided by the platform. Most useful to select "fifo" for real-time processing under Linux (and thus reduce chance of packet loss). Available since 4.7.4+, 5.7.3+, 6.1.3+. -
    • $IMUDPSchedulingPriority <number>
      +
    • SchedulingPriority <number>
      Scheduling priority to use. Available since 4.7.4+, 5.7.3+, 6.1.3+.
    +

    Action Directives:

    +
      +
    • Address <IP>
      +local IP address (or name) the UDP listens should bind to
      • +
    • Port <port>
      +default 514, start UDP server on this port
      • +
    • Ruleset <ruleset>
      +Binds the listener to a specific ruleset.
      • +
    +Caveats/Known Bugs: +
      +
    • currently none known
      • +
    +

    Sample:

    +

    This sets up an UPD server on port 514:
    +

    + + +

    Legacy Configuration Directives:

    +

    Multiple receivers may be configured by specifying +$UDPServerRun multiple times. +

    +
      +
    • $UDPServerAddress <IP>
      +equivalent to: Address
      • +
    • $UDPServerRun <port>
      +equivalent to: Port
      • +
    • $UDPServerTimeRequery <nbr-of-times>
      +equivalent to: TimeRequery +
    • $InputUDPServerBindRuleset <ruleset>
      +equivalent to: Ruleset
      • +
    • $IMUDPSchedulingPolicy <rr/fifo/other>
      +equivalent to: SchedulingPolicy +
    • $IMUDPSchedulingPriority <number>
      +equivalent to: SchedulingPriority +
    Caveats/Known Bugs:
    • currently none known
      • diff --git a/doc/imuxsock.html b/doc/imuxsock.html index 19f9cf51..bd207a37 100644 --- a/doc/imuxsock.html +++ b/doc/imuxsock.html @@ -24,11 +24,11 @@ information). This seems to be consistent with what sysklogd did for the past four years. Alternate behaviour may be desirable if gateway-like processes send messages via the local log slot - in this case, it can be enabled via the -$InputUnixListenSocketIgnoreMsgTimestamp and $SystemLogSocketIgnoreMsgTimestamp config directives

      +IgnoreTimestamp and SysSock.IgnoreTimestamp config directives

      There is input rate limiting available, (since 5.7.1) to guard you against the problems of a wild running logging process. -If more than $SystemLogRateLimitInterval * $SystemLogRateLimitBurst log messages are emitted -from the same process, those messages with $SystemLogRateLimitSeverity or lower will be +If more than SysSock.RateLimit.Interval * SysSock.RateLimit.Burst log messages are emitted +from the same process, those messages with SysSock.RateLimit.Severity or lower will be dropped. It is not possible to recover anything about these messages, but imuxsock will tell you how many it has dropped one the interval has expired AND the next message is logged. Rate-limiting depends on SCM_CREDENTIALS. If the platform does not support @@ -36,7 +36,7 @@ this socket option, rate limiting is turned off. If multiple sockets are configu rate limiting works independently on each of them (that should be what you usually expect). The same functionality is available for additional log sockets, in which case the config statements just use -the prefix $IMUXSockRateLimit... but otherwise works exactly the same. +the prefix RateLimit... but otherwise works exactly the same. When working with severities, please keep in mind that higher severity numbers mean lower severity and configure things accordingly. To turn off rate limiting, set the interval to zero. @@ -46,8 +46,8 @@ the queues (which may cause exessive disk-io where it actually would not be need flow-controlling a log socket (and especially the system log socket) can lead to a very unresponsive system. As such, flow control is disabled by default. That means any log records are places as quickly as possible into the processing queues. If you would like to have -flow control, you need to enable it via the $SystemLogSocketFlowControl and -$InputUnixListenSocketFlowControl config directives. Just make sure you thought about +flow control, you need to enable it via the SysSock.FlowControl and +FlowControl config directives. Just make sure you thought about the implications. Note that for many systems, turning on flow control does not hurt.

      Starting with rsyslog 5.9.4, trusted syslog properties @@ -57,87 +57,177 @@ privileges are dropped (depending on how they are dropped). Note that trusted pr can be very useful, but also typically cause the message to grow rather large. Also, the format of log messages is obviously changed by adding the trusted properties at the end. For these reasons, the feature is not enabled by default. If you want to use it, -you must turn it on (via $SystemLogSocketAnnotate and $InputUnixListenSocketAnnotate). +you must turn it on (via SysSock.Annotate and Annotate). +

      Configuration Directives:

      +

      Global Parameters

        -
      • $InputUnixListenSocketIgnoreMsgTimestamp [on/off] +
      • SysSock.IgnoreTimestamp [on/off]
        +Ignore timestamps included in the messages, applies to messages received via the system log socket. +
        • +
      • SysSock.Use (imuxsock) [on/off] +do NOT listen for the local log socket. This is most useful if you run multiple +instances of rsyslogd where only one shall handle the system log socket. +
        • +
      • SysSock.Name <name-of-socket> +
        • +
      • SysSock.FlowControl [on/off] - specifies if flow control should be applied +to the system log socket. +
        • +
      • SysSock.UsePIDFromSystem [on/off] - specifies if the pid being logged shall +be obtained from the log socket itself. If so, the TAG part of the message is rewritten. +It is recommended to turn this option on, but the default is "off" to keep compatible +with earlier versions of rsyslog. This option was introduced in 5.7.0. +
        • +
      • SysSock.RateLimit.Interval [number] - specifies the rate-limiting +interval in seconds. Default value is 5 seconds. Set it to 0 to turn rate limiting off. +
        • +
      • SysSock.RateLimit.Burst [number] - specifies the rate-limiting +burst in number of messages. Default is 200. +
        • +
      • SysSock.RateLimit.Severity [numerical severity] - specifies the severity of +messages that shall be rate-limited. +
        • +
      • SysSock.UseSysTimeStamp [on/off] the same as $InputUnixListenSocketUseSysTimeStamp, but for the system log socket. +
        • +
      • SysSock.Annotate <on/off> turn on annotation/trusted +properties for the system log socket.
        • +
      + +

      Input Instance Parameters

      +
        +
      • IgnoreTimestamp [on/off]
        Ignore timestamps included in the message. Applies to the next socket being added.
        • -
      • $InputUnixListenSocketFlowControl [on/off] - specifies if flow control should be applied +
      • FlowControl [on/off] - specifies if flow control should be applied to the next socket.
        • -
      • $IMUXSockRateLimitInterval [number] - specifies the rate-limiting +
      • RateLimit.Interval [number] - specifies the rate-limiting interval in seconds. Default value is 0, which turns off rate limiting. Set it to a number of seconds (5 recommended) to activate rate-limiting. The default of 0 has been choosen in 5.9.6+, as people experienced problems with this feature activated by default. Now it needs an explicit opt-in by setting this parameter.
        • -
      • $IMUXSockRateLimitBurst [number] - specifies the rate-limiting +
      • RateLimit.Burst [number] - specifies the rate-limiting burst in number of messages. Default is 200.
        • -
      • $IMUXSockRateLimitSeverity [numerical severity] - specifies the severity of +
      • RateLimit.Severity [numerical severity] - specifies the severity of messages that shall be rate-limited.
        • -
      • $IMUXSockLocalIPIF [interface name] - (available since 5.9.6) - if provided, the IP of the specified + +
      • UsePIDFromSystem [on/off] - specifies if the pid being logged shall be obtained from the log socket itself. If so, the TAG part of the message is rewritten. It is recommended to turn this option on, but the default is "off" to keep compatible with earlier versions of rsyslog. This option was introduced in 5.7.0.
        • -
      • $InputUnixListenSocketUseSysTimeStamp [on/off] instructs imuxsock +
      • UseSysTimeStamp [on/off] instructs imuxsock to obtain message time from the system (via control messages) insted of using time recorded inside the message. This may be most useful in combination with systemd. Note: this option was introduced with version 5.9.1. Due to the usefulness of it, we decided to enable it by default. As such, 5.9.1 and above behave slightly different than previous versions. However, we do not see how this could negatively affect existing environments.
        -
      • $SystemLogSocketIgnoreMsgTimestamp [on/off]
        -Ignore timestamps included in the messages, applies to messages received via the system log socket.
        • -
      • $OmitLocalLogging (imuxsock) [on/off] -- former -o option; -do NOT listen for the local log socket. This is most useful if you run multiple -instances of rsyslogd where only one shall handle the system log socket.
        • -
      • $SystemLogSocketName <name-of-socket> -- former -p option
        • -
      • $SystemLogFlowControl [on/off] - specifies if flow control should be applied -to the system log socket.
        • -
      • $SystemLogUsePIDFromSystem [on/off] - specifies if the pid being logged shall -be obtained from the log socket itself. If so, the TAG part of the message is rewritten. -It is recommended to turn this option on, but the default is "off" to keep compatible -with earlier versions of rsyslog. This option was introduced in 5.7.0.
        • -
      • $SystemLogParseTrusted [on/off] - specifies if Trusted Properties shall be parsed -and saved into libee event structure. This option needs $SystemLogSocketAnnotate to be on.
        • -
      • $SystemLogRateLimitInterval [number] - specifies the rate-limiting -interval in seconds. Default value is 5 seconds. Set it to 0 to turn rate limiting off. -
        • -
      • $SystemLogRateLimitBurst [number] - specifies the rate-limiting -burst in number of messages. Default is 200. -
        • -
      • $SystemLogRateLimitSeverity [numerical severity] - specifies the severity of -messages that shall be rate-limited. -
        • -
      • $SystemLogUseSysTimeStamp [on/off] the same as $InputUnixListenSocketUseSysTimeStamp, but for the system log socket. -
      • $InputUnixListenSocketCreatePath [on/off] - create directories in the socket path +
      • CreatePath [on/off] - create directories in the socket path if they do not already exist. They are created with 0755 permissions with the owner being the process under which rsyslogd runs. The default is not to create directories. Keep in mind, though, that rsyslogd always creates the socket itself if it does not exist (just not the directories by default).
        Note that this statement affects the -next $AddUnixListenSocket directive that follows in sequence in the configuration file. It never works +next Socket directive that follows in sequence in the configuration file. It never works on the system log socket (where it is deemed unnecessary). Also note that it is automatically -being reset to "off" after the $AddUnixListenSocket directive, so if you would have it active +being reset to "off" after the Socket directive, so if you would have it active for two additional listen sockets, you need to specify it in front of each one. This option is primarily considered useful for defining additional sockets that reside on non-permanent file systems. As rsyslogd probably starts up before the daemons that create these sockets, it is a vehicle to enable rsyslogd to listen to those sockets even though their directories do not yet exist. [available since 4.7.0 and 5.3.0]
        • -
      • $AddUnixListenSocket <name-of-socket> adds additional unix socket, default none -- former -a option
        • -
      • $InputUnixListenSocketHostName <hostname> permits to override the hostname that -shall be used inside messages taken from the next $AddUnixListenSocket socket. Note that +
      • Socket <name-of-socket> adds additional unix socket, default none -- former -a option
        • +
      • HostName <hostname> permits to override the hostname that +shall be used inside messages taken from the next Socket socket. Note that the hostname must be specified before the $AddUnixListenSocket configuration directive, and it will only affect the next one and then automatically be reset. This functionality is provided so that the local hostname can be overridden in cases where that is desired.
        • -
      • $InputUnixListenSocketAnnotate <on/off> turn on annotation/trusted +
      • Annotate <on/off> turn on annotation/trusted properties for the non-system log socket in question.
        • -
      • $SystemLogSocketAnnotate <on/off> turn on annotation/trusted -properties for the system log socket.
        • +
      + +Caveats/Known Bugs:
      +
        +
      • There is a compile-time limit of 50 concurrent sockets. If you need more, you need to +change the array size in imuxsock.c. +
      • This documentation is sparse and incomplete. +
      +

      Sample:

      +

      The following sample is the minimum setup required to accept syslog messages from applications running +on the local system.
      +

      + +

      The following sample is a configuration where rsyslogd pulls logs from two +jails, and assigns different hostnames to each of the jails:

      + +

      The following sample is a configuration where rsyslogd reads the openssh log +messages via a separate socket, but this socket is created on a temporary file +system. As rsyslogd starts up before the sshd, it needs to create the socket +directories, because it otherwise can not open the socket and thus not listen +to openssh messages. Note that it is vital not to place any other socket between +the CreatePath and the Socket.

      + +

      The following sample is used to turn off input rate limiting on the system log +socket. + +

      The following sample is used activate message annotation and thus trusted properties +on the system log socket. + + + +

      Legacy Configuration Directives:

      +
        +
      • $InputUnixListenSocketIgnoreMsgTimestamp [on/off] +
        Please see: IgnoreTimestamp.
        • +
      • $InputUnixListenSocketFlowControl [on/off] - Please see: FlowControl .
        • +
      • $IMUXSockRateLimitInterval [number] - Please see: RateLimit.Interval +
        • +
      • $IMUXSockRateLimitBurst [number] - Please see: RateLimit.Burst +
        • +
      • $IMUXSockRateLimitSeverity [numerical severity] - Please see: RateLimit.Severity +
        • +
      • $IMUXSockLocalIPIF [interface name] - (available since 5.9.6) - if provided, the IP of the specified +interface (e.g. "eth0") shall be used as fromhost-ip for imuxsock-originating messages. +If this directive is not given OR the interface cannot be found (or has no IP address), +the default of "127.0.0.1" is used. +
        • +
      • $InputUnixListenSocketUsePIDFromSystem [on/off] - Please see: UsePIDFromSystem.
        • +
      • $InputUnixListenSocketUseSysTimeStamp [on/off] Please see: UseSysTimeStamp .
        +
      • $SystemLogSocketIgnoreMsgTimestamp [on/off]
        +Please see: SysSock.IgnoreTimestamp.
        • +
      • $OmitLocalLogging (imuxsock) [on/off] Please see: SysSock.Use
        • +
      • $SystemLogSocketName <name-of-socket> Please see: SysSock.Name
        • +
      • $SystemLogFlowControl [on/off] - Please see: SysSock.FlowControl.
        • +
      • $SystemLogUsePIDFromSystem [on/off] - Please see: SysSock.UsePIDFromSystem.
        • +
      • $SystemLogRateLimitInterval [number] - Please see: SysSock.RateLimit.Interval. +
        • +
      • $SystemLogRateLimitBurst [number] - Please see: SysSock.RateLimit.Burst +
        • +
      • $SystemLogRateLimitSeverity [numerical severity] - Please see: SysSock.RateLimit.Severity +
        • +
      • $SystemLogUseSysTimeStamp [on/off] Please see: SysSock.UseSysTimeStamp. +
      • $InputUnixListenSocketCreatePath [on/off] - Please see: CreatePath
        • +
      • $AddUnixListenSocket <name-of-socket> Please see: Socket
        • +
      • $InputUnixListenSocketHostName <hostname> Please see: HostName.
        • +
      • $InputUnixListenSocketAnnotate <on/off> Please see: Annotate.
        • +
      • $SystemLogSocketAnnotate <on/off> Please see: SysSock.Annotate.
      Caveats/Known Bugs:
      @@ -171,7 +261,7 @@ the $InputUnixListenSocketCreatePath and the $InputUnixListenSocketHostName.

      The following sample is used to turn off input rate limiting on the system log socket. -- cgit v1.2.3