summaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
Diffstat (limited to 'doc')
-rw-r--r--doc/features.html200
1 files changed, 117 insertions, 83 deletions
diff --git a/doc/features.html b/doc/features.html
index a61d5b7e..9573030e 100644
--- a/doc/features.html
+++ b/doc/features.html
@@ -1,95 +1,129 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html><head>
-<title>rsyslog features</title></head>
+<html><head><title>rsyslog features</title>
+
+</head>
<body>
<h1>RSyslog - Features</h1>
-<p><b>This page lists both current features as well as those being considered
-for future versions of rsyslog.</b> If you think a feature is missing, drop
-<a href="mailto:rgerhards@adiscon.com">Rainer</a> a note. Rsyslog is a vital
-project. Features are added each few days. If you would like to keep up of what
-is going on, you can also subscribe to the <a href="http://lists.adiscon.net/mailman/listinfo/rsyslog">rsyslog mailing list</a>.
+<p><b>This page lists both current features as well as
+those being considered for future versions of rsyslog.</b> If you
+think a feature is missing, drop
+<a href="mailto:rgerhards@adiscon.com">Rainer</a> a
+note. Rsyslog is a vital project. Features are added each few days. If
+you would like to keep up of what is going on, you can also subscribe
+to the <a href="http://lists.adiscon.net/mailman/listinfo/rsyslog">rsyslog
+mailing list</a>.</p>
+<p><span style="font-weight: bold;">A better
+structured feature list is now contained in our </span><a style="font-weight: bold;" href="rsyslog_ng_comparison.html">rsyslog
+vs. syslog-ng comparison</a><span style="font-weight: bold;">.
+</span>Probably that page will replace this one&nbsp;in the
+future.
</p>
<h2>Current Features</h2>
<ul>
-
- <li>native support for <a href="rsyslog_mysql.html">writing to MySQL databases</a></li><li>
- native support for writing to Postgres databases</li><li>direct support for Firebird/Interbase,
+<li>native support for <a href="rsyslog_mysql.html">writing
+to MySQL databases</a></li>
+<li> native support for writing to Postgres databases</li>
+<li>direct support for Firebird/Interbase,
OpenTDS (MS SQL, Sybase), SQLLite, Ingres, Oracle, and mSQL via libdbi,
-a database abstraction layer (almost as good as native)</li><li>support for (plain) tcp
- based syslog - much better reliability</li><li>support for sending and receiving
- compressed syslog messages</li><li>support for on-demand on-disk spooling of
- messages that can not be processed fast enough (a great feature for
- <a href="rsyslog_high_database_rate.html">writing massive amounts of syslog
- messages to a database</a>)</li><li>ability to monitor text files and convert their contents into syslog messages (one per line)</li><li>ability to configure backup syslog/database
- servers - if the primary fails, control is switched to a prioritized list of
- backups</li><li>support for receiving messages via
- reliable <a href="http://www.monitorware.com/Common/en/glossary/rfc3195.php">
- RFC 3195</a> delivery</li><li>ability to generate file names and directories (log targets)
- dynamically, based on many different properties</li><li>control of log output format,
- including ability to present channel and priority as visible log data</li><li>good timestamp format control; at a minimum, ISO 8601/RFC 3339
- second-resolution UTC zone</li><li>ability to reformat message contents and work with substrings</li><li>support for
- log files larger than 2gb</li><li>support for file size limitation and automatic
- rollover command execution</li><li>support for running multiple rsyslogd
- instances on a single machine</li><li>support for <a href="rsyslog_stunnel.html">
- ssl-protected syslog</a> (via stunnel)</li><li>ability to filter on any part of
- the message, not just facility and severity</li><li>ability to use regular
- expressions in filters</li><li>support for discarding
- messages based on filters</li><li>ability to execute shell scripts on received
- messages</li><li>control of whether the local hostname or the hostname of the
- origin of the data is shown as the hostname in the output</li><li>ability to
- preserve the original hostname in NAT environments and relay chains
- </li><li>ability to limit the allowed network senders</li><li>powerful BSD-style
- hostname and program name blocks for easy multi-host support</li><li>
- massively
- multi-threaded with dynamic work thread pools that start up and shut
- themselves down on an as-needed basis (great for high log volume on
- multicore machines)</li><li>very
- experimental and volatile support for <a href="syslog-protocol.html">syslog-protocol</a> compliant messages (it is volatile because standardization is currently
- underway and this is a proof-of-concept implementation to aid this effort)</li><li>
- experimental support for syslog-transport-tls based framing on syslog/tcp
- connections</li><li>
- the sysklogd's klogd functionality is implemented as the <i>imklog</i> input
- plug-in. So rsyslog is a full replacement for the sysklogd
- package</li><li>
- support for IPv6</li><li>
- ability to control repeated line reduction ("last message repeated n times")
- on a per selector-line basis</li><li>
- supports sub-configuration files, which can be automatically read from
- directories. Includes are specified in the main configuration file</li><li>
- supports multiple actions per selector/filter condition</li><li>
- MySQL and Postgres SQL functionality as a dynamically loadable plug-in</li><li>
- modular design for inputs and outputs - easily extensible via custom plugins</li><li>
- an easy-to-write to plugin interface</li><li>
- ability to send SNMP trap messages</li></ul>
+a database abstraction layer (almost as good as native)</li>
+<li>support for (plain) tcp based syslog - much better
+reliability</li>
+<li>support for sending and receiving compressed syslog messages</li>
+<li>support for on-demand on-disk spooling of messages that can
+not be processed fast enough (a great feature for <a href="rsyslog_high_database_rate.html">writing massive
+amounts of syslog messages to a database</a>)</li>
+<li>ability to monitor text files and convert their contents
+into syslog messages (one per line)</li>
+<li>ability to configure backup syslog/database servers - if
+the primary fails, control is switched to a prioritized list of backups</li>
+<li>support for receiving messages via reliable <a href="http://www.monitorware.com/Common/en/glossary/rfc3195.php">
+RFC 3195</a> delivery</li>
+<li>ability to generate file names and directories (log
+targets) dynamically, based on many different properties</li>
+<li>control of log output format, including ability to present
+channel and priority as visible log data</li>
+<li>good timestamp format control; at a minimum, ISO 8601/RFC
+3339 second-resolution UTC zone</li>
+<li>ability to reformat message contents and work with
+substrings</li>
+<li>support for log files larger than 2gb</li>
+<li>support for file size limitation and automatic rollover
+command execution</li>
+<li>support for running multiple rsyslogd instances on a single
+machine</li>
+<li>support for <a href="rsyslog_stunnel.html">
+ssl-protected syslog</a> (via stunnel)</li>
+<li>ability to filter on any part of the message, not just
+facility and severity</li>
+<li>ability to use regular expressions in filters</li>
+<li>support for discarding messages based on filters</li>
+<li>ability to execute shell scripts on received messages</li>
+<li>control of whether the local hostname or the hostname of
+the origin of the data is shown as the hostname in the output</li>
+<li>ability to preserve the original hostname in NAT
+environments and relay chains </li>
+<li>ability to limit the allowed network senders</li>
+<li>powerful BSD-style hostname and program name blocks for
+easy multi-host support</li>
+<li> massively multi-threaded with dynamic work thread pools
+that start up and shut themselves down on an as-needed basis (great for
+high log volume on multicore machines)</li>
+<li>very experimental and volatile support for <a href="syslog-protocol.html">syslog-protocol</a>
+compliant messages (it is volatile because standardization is currently
+underway and this is a proof-of-concept implementation to aid this
+effort)</li>
+<li> experimental support for syslog-transport-tls based
+framing on syslog/tcp connections</li>
+<li> the sysklogd's klogd functionality is implemented as the <i>imklog</i>
+input plug-in. So rsyslog is a full replacement for the sysklogd package</li>
+<li> support for IPv6</li>
+<li> ability to control repeated line reduction ("last message
+repeated n times") on a per selector-line basis</li>
+<li> supports sub-configuration files, which can be
+automatically read from directories. Includes are specified in the main
+configuration file</li>
+<li> supports multiple actions per selector/filter condition</li>
+<li> MySQL and Postgres SQL functionality as a dynamically
+loadable plug-in</li>
+<li> modular design for inputs and outputs - easily extensible
+via custom plugins</li>
+<li> an easy-to-write to plugin interface</li>
+<li> ability to send SNMP trap messages</li>
+<li>support for arbitrary complex boolean, string and
+arithmetic expressions in message filters</li>
+</ul>
<p>&nbsp;</p>
<h2>Upcoming Features</h2>
-<p>The list below is something like a repository of ideas we'd like to
-implement. Features on this list are typically NOT scheduled for immediate
-inclusion. We maintain a
-<a href="http://bugzilla.adiscon.com/rsyslog-feature.html">feature
-request tracker at our bugzilla</a>. This tracker has things typically within
-reach of implementation. Users are encouraged to submit feature requests there
-(or via our forums). If we like them but they look quite long-lived (aka "not
-soon to be implemented"), they will possibly be migrated to this list here and
-at some time moved back to the sourceforge tracker.</p>
+<p>The list below is something like a repository of ideas we'd
+like to implement. Features on this list are typically NOT scheduled
+for immediate inclusion. We maintain a
+<a href="http://bugzilla.adiscon.com/rsyslog-feature.html">feature
+request tracker at our bugzilla</a>. This tracker has things
+typically within reach of implementation. Users are encouraged to
+submit feature requests there (or via our forums). If we like them but
+they look quite long-lived (aka "not soon to be implemented"), they
+will possibly be migrated to this list here and at some time moved back
+to the sourceforge tracker.</p>
<ul>
- <li>implement native email-functionality in
- selector (probably best done as a plug-in)</li><li>port it to more *nix variants
- (eg AIX and HP UX) - this needs volunteers with access to those machines and
- knowledge
- </li><li>support for native SSL enryption of plain tcp syslog sessions. This will
- most probably happen based on syslog-transport-tls.</li><li>pcre filtering - maybe (depending on feedback)&nbsp; - simple regex already
- partly added. So far, this seems sufficient so that there is no urgent need
- to do pcre</li><li>support for
- <a href="http://www.monitorware.com/Common/en/glossary/rfc3195.php">RFC 3195</a> as a sender - this is currently unlikely to happen, because there is no real
- demand for it. Any work on RFC 3195 has been suspend until we see some real
- interest in it.&nbsp; It is probably much better to use TCP-based syslog,
- which is interoperable with a large number of applications. You may also
- read my blog post on the future of liblogging, which contains interesting
- information about the
- <a href="http://rgerhards.blogspot.com/2007/09/where-is-liblogging-heading-to.html">
- future of RFC 3195 in rsyslog</a>.</li></ul>
+<li>implement native email-functionality in selector (probably
+best done as a plug-in)</li>
+<li>port it to more *nix variants (eg AIX and HP UX) - this
+needs volunteers with access to those machines and knowledge </li>
+<li>support for native SSL enryption of plain tcp syslog
+sessions. This will most probably happen based on syslog-transport-tls.</li>
+<li>pcre filtering - maybe (depending on feedback)&nbsp; -
+simple regex already partly added. So far, this seems sufficient so
+that there is no urgent need to do pcre</li>
+<li>support for <a href="http://www.monitorware.com/Common/en/glossary/rfc3195.php">RFC
+3195</a> as a sender - this is currently unlikely to happen,
+because there is no real demand for it. Any work on RFC 3195 has been
+suspend until we see some real interest in it.&nbsp; It is probably
+much better to use TCP-based syslog, which is interoperable with a
+large number of applications. You may also read my blog post on the
+future of liblogging, which contains interesting information about the <a href="http://rgerhards.blogspot.com/2007/09/where-is-liblogging-heading-to.html">
+future of RFC 3195 in rsyslog</a>.</li>
+</ul>
<p>To see when each feature was added, see the
-<a href="http://www.rsyslog.com/Topic4.phtml">rsyslog change log</a> (online
-only).</p>
+<a href="http://www.rsyslog.com/Topic4.phtml">rsyslog
+change log</a> (online only).</p>
</body></html> \ No newline at end of file
generated by cgit (git 2.34.1) at 2024-11-12 19:24:04 +0000