Running rsyslog v7 on CentOS6

Author: | Posted in howto 1 Comment

I was inspired by today’s comments on my other rsyslog post and decided to write a small howto about upgrading the rsyslog daemon on CentOS 6 / RHEL 6. As you might know CentOS6 comes with rsyslog v5 by default and it is the only release available within the official repositories. The rsyslog developers however maintain 2 separate branches: v5 and v7. The latter is obviously newer and has a lot of improvements such as enhanced support for plugins and structured logging (main advantages, detailed v7 changelogs).

Upgrading to rsyslog v7 is easy and according to the project website it can be done on both CentOS/RHEL 5 and CentOS/RHEL 6. The developers provide RPM packages that are made available through a yum repository. On my CentOS 6 machine I did the following:


Install the yum repository


wget -O /etc/yum.repos.d/rsyslog.repo


Update rsyslog


yum update rsyslog

There are a few dependencies needed but they are all available in the official CentOS repositories except for json-c which is provided by EPEL. Upon a successful update the new logging daemon is already active, although it is still running the old /etc/rsyslog.conf so some features may be deprecated:

centos6 rsyslogd: [origin software="rsyslogd" swVersion="5.8.10" x-pid="1646" x-info=""] exiting on signal 15.
centos6 rsyslogd: [origin software="rsyslogd" swVersion="7.4.5" x-pid="10370" x-info=""] start
centos6 rsyslogd-2307: warning: ~ action is deprecated, consider using the 'stop' statement instead [try ]
centos6 rsyslogd-2184: action '*' treated as ':omusrmsg:*' - please change syntax, '*' will not be supported in the future [try ]

Despite the old soon-to-be-decommissioned statements in the configuration file, I found that rsyslog v7 works fine on my CentOS 6 machine and I can also get updates through the newly installed repository.


Revert to the default version


That is easy. Considering you’ve tested rsyslog v7 and for whatever reasons you want to switch back to the default CentOS/RHEL version, simply downgrade the package:

yum --disablerepo=rsyslog_v7 downgrade rsyslog

The above command will temporarily disable the rsyslog repo, remove the current package and install the latest one available in the remaining active repositories. To prevent the package from updating to v7 again, either remove the repository completely or disable it permanently:

yum-config-manager --disable rsyslog_v7


  1. Posted by Pankaj

Reply Cancel Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.