How to set rate limit of syslog?
I noticed an incident that Nautilus for some reason wrote 30GB of log in syslog within minutes, and based on my analysis, it writes >200k lines of log per second.
This raises a question that why there is no rate limit put on syslog, so I tried to setup it myself. But unfortunately I failed to find any way to make rate limit works.
How I'm testing:
* get code of syslog_caller from rsyslog repo at https:/
* remove the `#include <config.h>` then compile it with gcc
* run `./syslog_caller -m 1000` to log 1000 log messages
Methods I have tried but doesn't work:
* put `$SystemLogRate
* put `SysSock.
* add a new `input(
* put `$imuxsockRateL
I've also tried adding corresponding severity parameter set to exactly 6 in each of the cases, and I executed `sudo systemctl restart rsyslog.service` each time after I changed the config. But none of them works.
How can I restrict the logging rate limit?
Question information
- Language:
- English Edit question
- Status:
- Solved
- For:
- Ubuntu rsyslog Edit question
- Assignee:
- No assignee Edit question
- Solved by:
- actionparsnip
- Solved:
- Last query:
- Last reply: