$WorkDirectory /srv/sylog/log/work

# This would queue _ALL_ rsyslog messages, i.e. slow them down to rate of DB ingest.
# Don't do that...
# $MainMsgQueueFileName mainq  # set file name, also enables disk mode

# We only want to queue for database writes.
$ActionQueueType LinkedList # use asynchronous processing
$ActionQueueFileName dbq    # set file name, also enables disk mode
$ActionResumeRetryCount -1   # infinite retries on insert failure

# Default Settings

# Load Modules

module(load="imuxsock")    # provides support for local system logging (e.g. via logger command)
module(load="imklog")      # provides kernel logging support (previously done by rklogd)
module(load="immark")      # provides --MARK-- message capability
module(load="impstats")

# Provides UDP syslog reception
module(load="imudp")
input(type="imudp" port="514")

# Provides TCP syslog reception
module(load="imtcp")
input(type="imtcp" port="514")

module(load="ompgsql")

# rsyslog Templates
$template rawpgsql, \
          "INSERT INTO rsyslog.sylog ( \
		msg_rcvd_utc, \
		src_host, \
		program_name, \
		syslog_facility_text, \
		syslog_severity_text, \
		msg_text ) \
          VALUES ( \
		'%timegenerated:::date-pgsql%', \
		'%hostname%', \
		'%programname%', \
		'%syslogfacility-text%', \
		'%syslogseverity-text%', \
		'%msg%' );", \
          stdsql

# rsyslog RuleSets
action(type="omfile" file="/srv/sylog/log/syslog")
if $syslogtag contains 'rsyslogd-pstats' then { 
        action(type="omfile" queue.type="linkedlist" queue.discardmark="980" name="pstats" file="/srv/sylog/log/pstats") 
        stop
}
#action(type="ompgsql" server="pgsql-server" serverport="5433" db="web" uid="rsyslog" pwd="golsysr" template="rawpgsql")

*.* :ompgsql:localhost,logs,rsyslog,golsysr;rawpgsql