diff --git a/Notify_syslog.md b/Notify_syslog.md index ab3ec5d..fc8d3f0 100644 --- a/Notify_syslog.md +++ b/Notify_syslog.md @@ -18,13 +18,45 @@ One might change the facility from it's default like so: | Variable | Required | Description | ----------- | -------- | ----------- | facility | No | The facility to use, by default it is `user`. Valid options are **kern**, **user**, **mail**, **daemon**, **auth**, **syslog**, **lpr**, **news**, **uucp**, **cron**, **local0**, **local1**, **local2**, **local3**, **local4**, **local5**, **local6**, and **local7** -| logperror | No | Additionally send the log message to _stderr_ +| logperror | No | Additionally send the log message to _stderr_. This method is ignored when preforming a remote query. | logpid | Yes | Include PID as part of the log output. -#### Example +### Example Send a Syslog notification ```bash # The following sends a syslog notification to the `user` facility apprise -vv -t "Test Message Title" -b "Test Message Body" \ syslog:// +``` + +## RSysLog Testing +To test the remote server, the following can be performed: +```bash +# Setup a simple docker file that will run our our rsyslog server for us: +cat << _EOF > dockerfile.syslog +FROM ubuntu +RUN apt update && apt install rsyslog -y +RUN echo '\$ModLoad imudp\n \\ +\$UDPServerRun 514\n \\ +\$ModLoad imtcp\n \\ +\$InputTCPServerRun 514\n \\ +\$template RemoteStore, "/var/log/remote/%\$year%-%\$Month%-%\$Day%.log"\n \\ +:source, !isequal, "localhost" -?RemoteStore\n \\ +:source, isequal, "last" ~ ' > /etc/rsyslog.conf +ENTRYPOINT ["rsyslogd", "-n"] +_EOF + +# build it: +docker build -t mysyslog -f dockerfile.syslog . + +# Now run it: +docker run --cap-add SYSLOG --restart always \ + -v $(pwd)/log:/var/log \ + -p 514:514 -p 514:514/udp --name rsyslog mysyslog + +# In another terminal window, you can look into a directory +# relative to the location you ran the above command for a directory +# called `log` +You may need to adjust it's permissions, the log file will only get +created after you send an apprise notification. ``` \ No newline at end of file