This page lists the known bugs rsyslog has to offer. Please note that we also have a bug tracker at sourceforge.net. This list here contains more architectural things while the bug tracker most often lists things that you will actually experience. Please be sure to visit the bug tracker in addition to this list here.
This list has last been updated on 2007-07-30 by Rainer Gerhards.
We have some reports that rsyslogd, if compiled with multi-threading enabled, segfaults in some environments. We are actively looking at fixing this issue, but as it does not occur in our lab environment, that unfortunately takes some time. If you experience a segfault, please report it. As a work-around, you can compile rsyslog without multi-threading:
./configure --disable-pthreads
make clean
make
make install
This somewhat reduces the ability to handle large message bursts, but even in single-threaded mode rsyslogd offers great performance (just think that stock sysklogd has always been using a single thread, only).
Sysklogd does not forward remotely received messages to other network destination except when the -h option is given. This code is currently defunct. No matter if -h is specified or not, messages are ALWAYS forwarded. It is currently under review if the sysklogd's functionality is actually needed. Please see my blog post on this topic for further detail.
If multiple templates with the SAME name are created, all but the first definition is IGNORED. So you can NOT (yet) replace a template definition. I also strongly doubt I will ever support this, because it does not make an awful lot of sense (after all, why not use two template names...).
This format is actually not 100% compatible with stock syslogd - the date is missing. Will be fixed soon and can also be fixed just via the proper template. Anyone up for this? ;)
Currently, SIGPIPE is ignored. This is necessary to handle broken TCP connections. We should further look into this issue and see which other ways exist to handle the situation.
If multiple instances are running on a single machine, the one with the -r switch must start first. Also, UDP-based syslog forwarding between the instances does not work. Use TCP instead.