I’ll be honest, I haven’t touch Rsyslog in a few. My setup was normally collect all my data and configured it to send once.
Example of my old one.
#### RULES ####
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
# The authpriv file has restricted access.
# Log all the mail messages in one place.
# Log cron stuff
# Everybody gets emergency messages
# Save news errors of level crit and higher in a special file.
# Save boot messages also to boot.log
##Enable sending of logs over UDP add the following line:
##Enable sending of logs over TCP add the following line:
##Set disk queue when rsyslog server will be down:
Give it a few, maybe some one else here has a better example.
You could check you Firewall to make sure those ports are open, and if your using ports above 1024.
But apart from this I want to send the mongodb logs to rsyslog using a different port.
On the other server I set up, I set rsyslog to send syslog and mariadb log separately, and it works without any problems.
The mongodb input shows only one log at first, and nothing is received after that…
Thank you for your response.
But I noticed a while ago that the mongo log only has a simple access log…
I think I need to change the settings of this log first so that various information is generated…