Global configuration rsyslog using RainerScript how to

rsyslog

Right now i have this in my rsyslog.conf file. 

/* GLOBAL DIRECTIVES */

# Global umask for all actions
$umask 0022

# Set the default permissions for all log files.
module(load="buildin:omfile"
        # To enable high precision timestamps, use the following line:
        # template="RSYSLOG_FileFormat"
        template="RSYSLOG_TraditionalFileFormat"
        # Set the default permissions for all log files.
        dirCreateMode="0700"
        dirOwner="syslog"
        dirGroup="adm"
        fileCreateMode="0640"
        fileOwner="syslog"
        fileGroup="adm"
)

$PrivDropToUser syslog
$PrivDropToGroup syslog

global(workDirectory="/var/spool/rsyslog")

/* INCLUDED FILES */

# Include all config files in /etc/rsyslog.d/
$IncludeConfig /etc/rsyslog.d/*.conf

This appears to be "latest" stable way of configuring rsyslog as per v8-stable docs

But this is still using old type of directives e.g $IncludeConfig shouldn't that be global(includeConfig="/etc/rsyslog.d/*") ?

And so overall shouldn't my config look like this?

global(unmask=0022
       privDropToUser="syslog"
       privDropToGroup="syslog"
       workDirectory="/var/spool/rsyslog"
       includeConfig="/etc/rsyslog.d/*")

# Set the default permissions for all log files.
module(load="buildin:omfile"
        # To enable high precision timestamps, use the following line:
        # template="RSYSLOG_FileFormat"
        template="RSYSLOG_TraditionalFileFormat"
        # Set the default permissions for all log files.
        dirCreateMode="0700"
        dirOwner="syslog"
        dirGroup="adm"
        fileCreateMode="0640"
        fileOwner="syslog"
        fileGroup="adm"
)

any extra reading materials specifically for RainerScript will be much appreciated. So far looked found this resources (apart from docs):

Best Answer

First of all, there is no hard need to convert all of old style - some of it is still the best way to do simple things. Have a look at rsyslog configuration formats to understand that part.

The core idea of why we introduced the new format was to make complexity manageable. The obsolete legacy format made it extremely hard to configure things correctly, even for me as the rsyslog author.

That said, $IncludeConfig did not receive attention until recently simply because there was no real benefit in providing a new style alternative (and we have lots of things on the TODO list...). As of 8.33.0, includes can be done via the include() object - it's not a global setting, thus it has its own object.

A new-style alternative for PrivDropTo... has not yet been added, for the same reason: very little benefit in providing it (just cosmetic, as it has no complexity associated) and no time yet to do it. We are still working on providing alternatives for those types of legacy statements as time permits: so it will probably come up some time in the future. But again, there is nothing bad in continue to use it.

Speaking as a developer, all config statements operate on a common set of configuration objects. Rsyslog really doesn't care how the object was created.

A core policy of the rsyslog project is to never break an existing configuration without a very hard need: so you can be sure that what worked years ago still works. Nevertheless, using obsolete legacy format for new configurations is calling for problems, as we know doing it is notoriously hard and error prone. That was the sole reason for introducing the new style ;-)

Related Topic