examples of /etc/rsyslog.conf

rsyslogd v7.0 and higher support basic format, old config format and new rainer script format. 
Please use basic format and new format for new configurations, the old format only exists for compatibility.

0. general concepts

modules: rsyslogd is a modulized software, which extends functions by loading different modules. 

input module: used for receiving messages, e.g. "imudp" for UDP listening.

output module: used for outputing messages, e.g. "omfwd" for UDP/TCP forwarding.

built-in module: modules built into rsyslogd, so they are no need to be loaded. e.g. "omfwd", "omfile".

1. receive messages via udp:514

legacy old format:

$ModLoad imudp

$UDPServerRun 514

rainer script advanced format:

module(load="imudp")

input(type="imudp" port="514")

2. Forward messages via udp:514

basic format:

*.* @192.168.0.19:514

advanced format:

*.* action(type="omfwd" Target="192.168.0.19" Port="514" Protocol="udp")

3. Receive messages from a file and forward them to another host via TCP

RECEIVING:

module(load="imfile" PollingInterval="10")

input(type="imfile"

          File="/app/myapp/logs/error_log"

          Tag="myapp error"

          Facility="local3")

FORWARDING:

basic format:

local3.* @@(0)192.168.0.19:3780;RSYSLOG_SyslogProtocol123Format

advanced format:
local3.* action(type="omfwd" 
                Target="192.168.0.19" 
                Port="3780"
                TCP_Framing="octet-counter"
                Template="RSYSLOG_SyslogProtocol123Format")