Im having troubles getting rsyslog to receive logs from servers and send those logs to a file of the same (server) name.

Anyone ever attempt the same?

IMHO minimal post contents should contain rsyslog.conf, result from running Rsyslog in debug mode (see manual page) and relevant start up lines in syslog.

Ok, I have what I was trying to accomplish, completed. However... Im not receiving files from external hosts. Running a netstat, I do not see TCP/514 listening.

Again, no errors

# rsyslog v5 configuration file

# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html
# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html

#### MODULES ####

$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imklog # provides kernel logging support (previously done by rklogd)
$ModLoad immark # provides --MARK-- message capability

# Provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514


#### GLOBAL DIRECTIVES ####

# Use default timestamp format
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

$template FILENAME,"/opt/log/%hostname%/%$year%/%$year%-%$month%-%$day%-%hostname%.log"

$FileCreateMode 0640
$DirCreateMode 0755
$FileOwner adm
$FileGroup adm

*.* ?FILENAME

no errors from debug run:

[root@ log]# /sbin/rsyslogd -f /etc/rsyslog.conf -N1
rsyslogd: version 5.8.10, config validation run (level 1), master config /etc/rsyslog.conf
rsyslogd: WARNING: rsyslogd is running in compatibility mode. Automatically generated config directives may interfer with your rsyslog.conf settings. We suggest upgrading your config and adding -c5 as the first rsyslogd option.
rsyslogd: Warning: backward compatibility layer added to following directive to rsyslog.conf: ModLoad immark
rsyslogd: Warning: backward compatibility layer added to following directive to rsyslog.conf: MarkMessagePeriod 1200
rsyslogd: Warning: backward compatibility layer added to following directive to rsyslog.conf: ModLoad imuxsock
rsyslogd: End of config validation run. Bye.

# tail /tmp/rsyslog.log
2839.215533142:7fc3abfff700: creating tcp listen socket on port 514
2839.215716877:7fc3abfff700: Allocating buffer for 200 TCP sessions.
2839.215738258:7fc3abfff700: nsdpoll_ptcp uses epoll_create1()
2839.215751058:7fc3abfff700: tcpsrv uses epoll() interface, nsdpol driver found
2839.215760867:7fc3abfff700: Trying to add listener 0, pUsr=0x7fc3a4001350
2839.215771198:7fc3abfff700: adding nsdpoll entry 0/0x7fc3a4001350, sock 7
2839.215783952:7fc3abfff700: Added listener 0
2839.215793325:7fc3abfff700: Trying to add listener 1, pUsr=0x7fc3a4001350
2839.215802486:7fc3abfff700: adding nsdpoll entry 1/0x7fc3a4001350, sock 8
2839.215813188:7fc3abfff700: Added listener 1


Says its there, but netstat shows its not.

Shouldn't the default be for traditional remote syslog reception?
If you really need TCP: is some service already listening on TCP/514? Does TCP/1514 work? (Anything > 1024 basically.)