diff --git a/.rsyslog.metadata b/.rsyslog.metadata
index e69762c..2ba55fe 100644
--- a/.rsyslog.metadata
+++ b/.rsyslog.metadata
@@ -1 +1 @@
-b4791ac7be1c27288a394e5701e217bce555bf75 SOURCES/rsyslog-7.4.2.tar.gz
+f4d6c60572bf661c7a7ea6a0f5e221e5a0fbf65a SOURCES/rsyslog-7.4.7.tar.gz
diff --git a/SOURCES/rsyslog-7.3.15-imuxsock-warning.patch b/SOURCES/rsyslog-7.3.15-imuxsock-warning.patch
deleted file mode 100644
index d2eaad8..0000000
--- a/SOURCES/rsyslog-7.3.15-imuxsock-warning.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From ac6c45537391d67beb55b03ccf301bdaa150cd8a Mon Sep 17 00:00:00 2001
-From: Tomas Heinrich <theinric@redhat.com>
-Date: Mon, 3 Jun 2013 15:09:07 +0200
-Subject: [PATCH] imuxsock: don't report an error message for
- $OmitLocalLogging
-
----
- plugins/imuxsock/imuxsock.c |    4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/plugins/imuxsock/imuxsock.c b/plugins/imuxsock/imuxsock.c
-index c503852..dad09ab 100644
---- a/plugins/imuxsock/imuxsock.c
-+++ b/plugins/imuxsock/imuxsock.c
-@@ -1284,6 +1284,8 @@ BEGINactivateCnfPrePrivDrop
- 	instanceConf_t *inst;
- CODESTARTactivateCnfPrePrivDrop
- 	runModConf = pModConf;
-+	if(runModConf->bOmitLocalLogging && nfd == 1)
-+		ABORT_FINALIZE(RS_RET_OK);
- 	for(inst = runModConf->root ; inst != NULL ; inst = inst->next) {
- 		addListner(inst);
- 	}
-@@ -1325,6 +1327,8 @@ BEGINrunInput
- #endif
- 
- CODESTARTrunInput
-+	if(runModConf->bOmitLocalLogging && nfd == 1)
-+		ABORT_FINALIZE(RS_RET_OK);
- 	/* this is an endless loop - it is terminated when the thread is
- 	 * signalled to do so. This, however, is handled by the framework,
- 	 * right into the sleep below.
--- 
-1.7.10.4
-
diff --git a/SOURCES/rsyslog-7.4.2-imuxsock-rfc3339.patch b/SOURCES/rsyslog-7.4.2-imuxsock-rfc3339.patch
deleted file mode 100644
index 3ae46c4..0000000
--- a/SOURCES/rsyslog-7.4.2-imuxsock-rfc3339.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-From 06a3239f2eaf90eb7c7034b563fa32b1b09beedd Mon Sep 17 00:00:00 2001
-From: Tomas Heinrich <theinric@redhat.com>
-Date: Wed, 6 Nov 2013 17:57:49 +0100
-Subject: [PATCH] imuxsock: pass along missing legacy config variables
-
-Not doing so caused that the system log socket was unaffected by these
-directives.
-
-bCreatePath is still not passed but currently, there's no placeholder for it.
----
- plugins/imuxsock/imuxsock.c |    6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/plugins/imuxsock/imuxsock.c b/plugins/imuxsock/imuxsock.c
-index c503852..1c4ba47 100644
---- a/plugins/imuxsock/imuxsock.c
-+++ b/plugins/imuxsock/imuxsock.c
-@@ -159,11 +159,11 @@ static int startIndexUxLocalSockets; /* process fd from that index on (used to
- static int nfd = 1; /* number of Unix sockets open / read-only after startup */
- static int sd_fds = 0;			/* number of systemd activated sockets */
- 
--/* config vars for legacy config system */
- #define DFLT_bCreatePath 0
- #define DFLT_ratelimitInterval 0
- #define DFLT_ratelimitBurst 200
- #define DFLT_ratelimitSeverity 1			/* do not rate-limit emergency messages */
-+/* config vars for the legacy config system */
- static struct configSettings_s {
- 	int bOmitLocalLogging;
- 	uchar *pLogSockName;
-@@ -188,6 +188,7 @@ static struct configSettings_s {
- 	int bParseTrusted;		/* parse trusted properties */
- } cs;
- 
-+/* config vars for the v2 config system (rsyslog v6+) */
- struct instanceConf_s {
- 	uchar *sockName;
- 	uchar *pLogHostName;		/* host name to use with this socket */
-@@ -1256,11 +1257,14 @@ BEGINendCnfLoad
- CODESTARTendCnfLoad
- 	if(!loadModConf->configSetViaV2Method) {
- 		/* persist module-specific settings from legacy config system */
-+		/* these are used to initialize the system log socket (listeners[0]) */
- 		loadModConf->bOmitLocalLogging = cs.bOmitLocalLogging;
- 		loadModConf->pLogSockName = cs.pLogSockName;
- 		loadModConf->bIgnoreTimestamp = cs.bIgnoreTimestampSysSock;
-+		loadModConf->bUseSysTimeStamp = cs.bUseSysTimeStampSysSock;
- 		loadModConf->bUseFlowCtl = cs.bUseFlowCtlSysSock;
- 		loadModConf->bAnnotateSysSock = cs.bAnnotateSysSock;
-+		loadModConf->bWritePidSysSock = cs.bWritePidSysSock;
- 		loadModConf->bParseTrusted = cs.bParseTrusted;
- 		loadModConf->ratelimitIntervalSysSock = cs.ratelimitIntervalSysSock;
- 		loadModConf->ratelimitBurstSysSock = cs.ratelimitBurstSysSock;
--- 
-1.7.10.4
-
diff --git a/SOURCES/rsyslog-7.4.7-bz1030044-remove-ads.patch b/SOURCES/rsyslog-7.4.7-bz1030044-remove-ads.patch
new file mode 100644
index 0000000..cdbcf0e
--- /dev/null
+++ b/SOURCES/rsyslog-7.4.7-bz1030044-remove-ads.patch
@@ -0,0 +1,236 @@
+From 79e4e43bcadb0fb520240c655f529874f305f786 Mon Sep 17 00:00:00 2001
+From: Tomas Heinrich <theinric@redhat.com>
+Date: Thu, 14 Nov 2013 15:14:08 +0100
+Subject: [PATCH] Remove references to Google ads from html documentation
+
+---
+ doc/rsyslog_secure_tls.html | 13 -------------
+ doc/tls_cert_ca.html        | 13 -------------
+ doc/tls_cert_client.html    | 13 -------------
+ doc/tls_cert_errmsgs.html   | 13 -------------
+ doc/tls_cert_machine.html   | 13 -------------
+ doc/tls_cert_scenario.html  | 13 -------------
+ doc/tls_cert_server.html    | 13 -------------
+ doc/tls_cert_summary.html   | 13 -------------
+ doc/tls_cert_udp_relay.html | 13 -------------
+ 9 files changed, 117 deletions(-)
+
+diff --git a/doc/rsyslog_secure_tls.html b/doc/rsyslog_secure_tls.html
+index b15e5a4..0bef2b3 100644
+--- a/doc/rsyslog_secure_tls.html
++++ b/doc/rsyslog_secure_tls.html
+@@ -38,19 +38,6 @@ below. Do not blame us if it doesn't provide what you need ;)</p>
+ </ul>
+ <p>Our secrity goals are achived via public/private key security. As such, it is 
+ vital that private keys are well protected and not accessible to third parties. 
+-<span style="float: left">
+-<script type="text/javascript"><!--
+-google_ad_client = "pub-3204610807458280";
+-/* rsyslog doc inline */
+-google_ad_slot = "5958614527";
+-google_ad_width = 125;
+-google_ad_height = 125;
+-//-->
+-</script>
+-<script type="text/javascript"
+-src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
+-</script>
+-</span>
+ If private keys have become known to third parties, the system does not provide 
+ any security at all. Also, our solution bases on X.509 certificates and a (very 
+ limited) chain of trust. We have one instance (the CA) that issues all machine 
+diff --git a/doc/tls_cert_ca.html b/doc/tls_cert_ca.html
+index 2cae404..f366462 100644
+--- a/doc/tls_cert_ca.html
++++ b/doc/tls_cert_ca.html
+@@ -23,19 +23,6 @@ Gerhards</a> (2008-06-17)</i></small></p>
+ maintained by a trustworthy person (or group) and approves the indentities of 
+ all machines. It does so by issuing their certificates. In a small setup, the 
+ administrator can provide the CA function. What is important is the the CA's 
+-<span style="float: left">
+-<script type="text/javascript"><!--
+-google_ad_client = "pub-3204610807458280";
+-/* rsyslog doc inline */
+-google_ad_slot = "5958614527";
+-google_ad_width = 125;
+-google_ad_height = 125;
+-//-->
+-</script>
+-<script type="text/javascript"
+-src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
+-</script>
+-</span>
+ private key is well-protocted and machine certificates are only issued if it is 
+ know they are valid (in a single-admin case that means the admin should not 
+ issue certificates to anyone else except himself).</p>
+diff --git a/doc/tls_cert_client.html b/doc/tls_cert_client.html
+index dbe7961..53596fc 100644
+--- a/doc/tls_cert_client.html
++++ b/doc/tls_cert_client.html
+@@ -25,19 +25,6 @@ example, that meanst turng.example.net). The client check's the server's identit
+ talks to it only if it is the expected server. This is a very important step.
+ Without it, you would not detect man-in-the-middle attacks or simple malicious servers
+ who try to get hold of your valuable log data.
+-<span style="float: left">
+-<script type="text/javascript"><!--
+-google_ad_client = "pub-3204610807458280";
+-/* rsyslog doc inline */
+-google_ad_slot = "5958614527";
+-google_ad_width = 125;
+-google_ad_height = 125;
+-//-->
+-</script>
+-<script type="text/javascript"
+-src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
+-</script>
+-</span>
+ <p><center><img src="tls_cert_100.jpg"></center>
+ <p>Steps to do:
+ <ul>
+diff --git a/doc/tls_cert_errmsgs.html b/doc/tls_cert_errmsgs.html
+index d002174..2943efc 100644
+--- a/doc/tls_cert_errmsgs.html
++++ b/doc/tls_cert_errmsgs.html
+@@ -21,19 +21,6 @@ Gerhards</a> (2008-06-17)</i></small></p>
+ 
+ <h3>Error Messages</h3>
+ <p>This page covers error message you may see when setting up
+-<span style="float: left">
+-<script type="text/javascript"><!--
+-google_ad_client = "pub-3204610807458280";
+-/* rsyslog doc inline */
+-google_ad_slot = "5958614527";
+-google_ad_width = 125;
+-google_ad_height = 125;
+-//-->
+-</script>
+-<script type="text/javascript"
+-src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
+-</script>
+-</span>
+ <a href="http://www.rsyslog.com">rsyslog</a> with TLS. Please note that many
+ of the message stem back to the TLS library being used. In those cases, there is
+ not always a good explanation available in rsyslog alone.
+diff --git a/doc/tls_cert_machine.html b/doc/tls_cert_machine.html
+index 095e15c..fe2ee90 100644
+--- a/doc/tls_cert_machine.html
++++ b/doc/tls_cert_machine.html
+@@ -22,19 +22,6 @@ Gerhards</a> (2008-06-18)</i></small></p>
+ <p>In this step, we generate certificates for each of the machines. Please note
+ that both clients and servers need certificates. The certificate identifies each
+ machine to the remote peer. The DNSName specified inside the certificate can
+-<span style="float: left">
+-<script type="text/javascript"><!--
+-google_ad_client = "pub-3204610807458280";
+-/* rsyslog doc inline */
+-google_ad_slot = "5958614527";
+-google_ad_width = 125;
+-google_ad_height = 125;
+-//-->
+-</script>
+-<script type="text/javascript"
+-src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
+-</script>
+-</span>
+ be specified inside the $&lt;object&gt;PermittedPeer config statements.
+ <p>For now, we assume that a single person (or group) is responsible for the whole
+ rsyslog system and thus it is OK if that single person is in posession of all
+diff --git a/doc/tls_cert_scenario.html b/doc/tls_cert_scenario.html
+index 7973532..88c7657 100644
+--- a/doc/tls_cert_scenario.html
++++ b/doc/tls_cert_scenario.html
+@@ -21,19 +21,6 @@ Gerhards</a> (2008-06-17)</i></small></p>
+ 
+ <h3>Sample Scenario</h3>
+ <p>We have a quite simple scenario. There is one central syslog server, 
+-<span style="float: left">
+-<script type="text/javascript"><!--
+-google_ad_client = "pub-3204610807458280";
+-/* rsyslog doc inline */
+-google_ad_slot = "5958614527";
+-google_ad_width = 125;
+-google_ad_height = 125;
+-//-->
+-</script>
+-<script type="text/javascript"
+-src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
+-</script>
+-</span>
+ named central.example.net. These server is being reported to by two Linux 
+ machines with name zuse.example.net and turing.example.net. Also, there is a 
+ third client - ada.example.net - which send both its own messages to the central 
+diff --git a/doc/tls_cert_server.html b/doc/tls_cert_server.html
+index 9c024bc..b784be1 100644
+--- a/doc/tls_cert_server.html
++++ b/doc/tls_cert_server.html
+@@ -23,19 +23,6 @@ Gerhards</a> (2008-06-18)</i></small></p>
+ via TLS protected plain tcp based syslog from those peers that are explicitely permitted
+ to send to it. The picture below show our configuration. This step configures
+ the server central.example.net.
+-<span style="float: left">
+-<script type="text/javascript"><!--
+-google_ad_client = "pub-3204610807458280";
+-/* rsyslog doc inline */
+-google_ad_slot = "5958614527";
+-google_ad_width = 125;
+-google_ad_height = 125;
+-//-->
+-</script>
+-<script type="text/javascript"
+-src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
+-</script>
+-</span>
+ <p><center><img src="tls_cert_100.jpg"></center>
+ <p><i><font color="red"><b>Important:</b> Keep in mind that the order of configuration directives
+ is very important in rsyslog. As such, the samples given below do only work if the given
+diff --git a/doc/tls_cert_summary.html b/doc/tls_cert_summary.html
+index 8e003bc..95844a8 100644
+--- a/doc/tls_cert_summary.html
++++ b/doc/tls_cert_summary.html
+@@ -20,19 +20,6 @@ Gerhards</a> (2008-07-03)</i></small></p>
+ 
+ <h3>Summary</h3>
+ <p>If you followed the steps outlined in this documentation set, you now have
+-<span style="float: left">
+-<script type="text/javascript"><!--
+-google_ad_client = "pub-3204610807458280";
+-/* rsyslog doc inline */
+-google_ad_slot = "5958614527";
+-google_ad_width = 125;
+-google_ad_height = 125;
+-//-->
+-</script>
+-<script type="text/javascript"
+-src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
+-</script>
+-</span>
+ a reasonable (for most needs) secure setup for the following environment:
+ <center><img src="tls_cert_100.jpg"></center>
+ <p>You have learned about the security decisions involved and which we
+diff --git a/doc/tls_cert_udp_relay.html b/doc/tls_cert_udp_relay.html
+index f4740ce..d44689c 100644
+--- a/doc/tls_cert_udp_relay.html
++++ b/doc/tls_cert_udp_relay.html
+@@ -26,19 +26,6 @@ directly to it, because we would like to have TLS protection for its sensitve
+ logs. If the router and the syslog relay are on a sufficiently secure private
+ network, this setup can be considered reasonable secure. In any case, it is the
+ best alternative among the possible configuration scenarios.
+-<span style="float: left">
+-<script type="text/javascript"><!--
+-google_ad_client = "pub-3204610807458280";
+-/* rsyslog doc inline */
+-google_ad_slot = "5958614527";
+-google_ad_width = 125;
+-google_ad_height = 125;
+-//-->
+-</script>
+-<script type="text/javascript"
+-src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
+-</script>
+-</span>
+ <p><center><img src="tls_cert_100.jpg"></center>
+ <p>Steps to do:
+ <ul>
+-- 
+1.8.4.3
+
diff --git a/SOURCES/rsyslog-7.4.7-bz1038136-imjournal-message-loss.patch b/SOURCES/rsyslog-7.4.7-bz1038136-imjournal-message-loss.patch
new file mode 100644
index 0000000..73134f5
--- /dev/null
+++ b/SOURCES/rsyslog-7.4.7-bz1038136-imjournal-message-loss.patch
@@ -0,0 +1,267 @@
+From effa35d1ae33c1ac825317802b6e970e68f98af2 Mon Sep 17 00:00:00 2001
+From: Tomas Heinrich <theinric@redhat.com>
+Date: Fri, 31 Jan 2014 11:35:55 +0100
+Subject: [PATCH] Improve handling of messages without syslog properties
+
+* Don't drop messages without the MESSAGE field
+* Set default severity for all messages
+  Some messages comming from journald don't have the SYSLOG_PRIORITY
+  field. These are typically the messages logged through journald's
+  native API. Set the default severity for these messages to 'notice'.
+* Set default facility for all messages
+  Some messages comming from journald don't have the SYSLOG_FACILITY
+  field. These are typically the messages logged through journald's
+  native API. Set the default facility for these messages to 'user'.
+* Make default priority configurable
+---
+ doc/imjournal.html            |  16 ++++++
+ plugins/imjournal/imjournal.c | 124 +++++++++++++++++++++++++++++++-----------
+ 2 files changed, 109 insertions(+), 31 deletions(-)
+
+diff --git a/doc/imjournal.html b/doc/imjournal.html
+index 8f29169..b4d2105 100644
+--- a/doc/imjournal.html
++++ b/doc/imjournal.html
+@@ -69,6 +69,18 @@ journal and read only new messages. This option is only used when there is
+ no StateFile to avoid message loss.
+ </ul>
+ 
++<li><b>DefaultSeverity</b> &lt;severity&gt;<br>
++Some messages comming from journald don't have the SYSLOG_PRIORITY
++field. These are typically the messages logged through journald's
++native API. This option specifies the default severity for these
++messages. Defaults to 'notice'.
++
++<li><b>DefaultFacility</b> &lt;facility&gt;<br>
++Some messages comming from journald don't have the SYSLOG_FACILITY
++field. These are typically the messages logged through journald's
++native API. This option specifies the default facility for these
++messages. Defaults to 'user'.
++
+ <b>Caveats/Known Bugs:</b>
+ <p>
+ <ul>
+@@ -105,6 +117,10 @@ Equivalent to: ratelimit.interval</li>
+ Equivalent to: ratelimit.burst</li>
+ <li><strong>$ImjournalIgnorePreviousMessages</strong><br>
+ Equivalent to: ignorePreviousMessages</li>
++<li><strong>$ImjournalDefaultSeverity</strong><br>
++Equivalent to: DefaultSeverity</li>
++<li><strong>$ImjournalDefaultFacility</strong><br>
++Equivalent to: DefaultFacility</li>
+ </ul>
+ 
+ </body>
+diff --git a/plugins/imjournal/imjournal.c b/plugins/imjournal/imjournal.c
+index 36c7e04..7d42b84 100755
+--- a/plugins/imjournal/imjournal.c
++++ b/plugins/imjournal/imjournal.c
+@@ -68,15 +68,21 @@ static struct configSettings_s {
+ 	int ratelimitInterval;
+ 	int ratelimitBurst;
+ 	int bIgnorePrevious;
++	int iDfltSeverity;
++	int iDfltFacility;
+ } cs;
+ 
++static rsRetVal facilityHdlr(uchar **pp, void *pVal);
++
+ /* module-global parameters */
+ static struct cnfparamdescr modpdescr[] = {
+ 	{ "statefile", eCmdHdlrGetWord, 0 },
+ 	{ "ratelimit.interval", eCmdHdlrInt, 0 },
+ 	{ "ratelimit.burst", eCmdHdlrInt, 0 },
+ 	{ "persiststateinterval", eCmdHdlrInt, 0 },
+-	{ "ignorepreviousmessages", eCmdHdlrBinary, 0 }
++	{ "ignorepreviousmessages", eCmdHdlrBinary, 0 },
++	{ "defaultseverity", eCmdHdlrSeverity, 0 },
++	{ "defaultfacility", eCmdHdlrString, 0 }
+ };
+ static struct cnfparamblk modpblk =
+ 	{ CNFPARAMBLK_VERSION,
+@@ -85,6 +91,8 @@ static struct cnfparamblk modpblk =
+ 	};
+ 
+ #define DFLT_persiststateinterval 10
++#define DFLT_SEVERITY LOG_PRI(LOG_NOTICE)
++#define DFLT_FACILITY LOG_FAC(LOG_USER)
+ 
+ static int bLegacyCnfModGlobalsPermitted = 1;/* are legacy module-global config parameters permitted? */
+ 
+@@ -94,6 +102,37 @@ static prop_t *pLocalHostIP = NULL;	/* a pseudo-constant propterty for 127.0.0.1
+ static ratelimit_t *ratelimiter = NULL;
+ static sd_journal *j;
+ 
++/* ugly workaround to handle facility numbers; values
++   derived from names need to be eight times smaller */
++static rsRetVal facilityHdlr(uchar **pp, void *pVal)
++{
++	DEFiRet;
++	char *p;
++
++	skipWhiteSpace(pp);
++	p = (char *) *pp;
++
++	if (isdigit((int) *p)) {
++		*((int *) pVal) = (int) strtol(p, (char **) pp, 10);
++	} else {
++		int len;
++		syslogName_t *c;
++
++		for (len = 0; p[len] && !isspace((int) p[len]); len++)
++			/* noop */;
++		for (c = syslogFacNames; c->c_name; c++) {
++			if (!strncasecmp(p, (char *) c->c_name, len)) {
++				*((int *) pVal) = LOG_FAC(c->c_val);
++				break;
++			}
++		}
++		*pp += len;
++	}
++
++	RETiRet;
++}
++
++
+ /* enqueue the the journal message into the message queue.
+  * The provided msg string is not freed - thus must be done
+  * by the caller.
+@@ -158,7 +197,6 @@ readjournal() {
+ 	const void *get;
+ 	const void *pidget;
+ 	char *parse;
+-	char *get2;
+ 	size_t length;
+ 	size_t pidlength;
+ 
+@@ -170,45 +208,52 @@ readjournal() {
+ 
+ 	long prefixlen = 0;
+ 
+-	int priority = 0;
+-	int facility = 0;
++	int severity = cs.iDfltSeverity;
++	int facility = cs.iDfltFacility;
+ 
+ 	/* Get message text */
+ 	if (sd_journal_get_data(j, "MESSAGE", &get, &length) < 0) {
+-		logmsgInternal(NO_ERRCODE, LOG_SYSLOG|LOG_INFO, (uchar *)"log message from journal doesn't have MESSAGE", 0);
+-		iRet = RS_RET_OK;
+-		goto ret;
+-	}
+-	message = strndup(get+8, length-8);
+-	if (message == NULL) {
+-		iRet = RS_RET_OUT_OF_MEMORY;
+-		goto ret;
++		message = strdup("");
++	} else {
++		message = strndup(get+8, length-8);
++		if (message == NULL) {
++			iRet = RS_RET_OUT_OF_MEMORY;
++			goto ret;
++		}
+ 	}
+ 
+-	/* Get message priority */
++	/* Get message severity ("priority" in journald's terminology) */
+ 	if (sd_journal_get_data(j, "PRIORITY", &get, &length) >= 0) {
+-		get2 = strndup(get, length);
+-		priority = ((char *)get2)[9] - '0';
+-		free (get2);
++		if (length == 10) {
++			severity = ((char *)get)[9] - '0';
++			if (severity < 0 || 7 < severity) {
++				dbgprintf("The value of the 'PRIORITY' field is "
++					"out of bounds: %d, resetting\n", severity);
++				severity = cs.iDfltSeverity;
++			}
++		} else {
++			dbgprintf("The value of the 'PRIORITY' field has an "
++				"unexpected length: %d\n", length);
++		}
+ 	}
+ 
+ 	/* Get syslog facility */
+ 	if (sd_journal_get_data(j, "SYSLOG_FACILITY", &get, &length) >= 0) {
+-		get2 = strndup(get, length);
+-		char f = ((char *)get2)[16];
+-		if (f >= '0' && f <= '9') {
+-			facility += f - '0';
+-		}
+-		f = ((char *)get2)[17];
+-		if (f >= '0' && f <= '9') {
+-			facility *= 10;
+-			facility += (f - '0');
++		if (length == 17 || length == 18) {
++			facility = ((char *)get)[16] - '0';
++			if (length == 18) {
++				facility *= 10;
++				facility += ((char *)get)[17] - '0';
++			}
++			if (facility < 0 || 23 < facility) {
++				dbgprintf("The value of the 'FACILITY' field is "
++					"out of bounds: %d, resetting\n", facility);
++				facility = cs.iDfltFacility;
++			}
++		} else {
++			dbgprintf("The value of the 'FACILITY' field has an "
++				"unexpected length: %d\n", length);
+ 		}
+-		free (get2);
+-	} else {
+-		/* message is missing facility -> internal systemd journal msg, drop */
+-		iRet = RS_RET_OK;
+-		goto free_message;
+ 	}
+ 
+ 	/* Get message identifier, client pid and add ':' */
+@@ -349,7 +394,7 @@ readjournal() {
+ 	}
+ 
+ 	/* submit message */
+-	enqMsg((uchar *)message, (uchar *) sys_iden_help, facility, priority, &tv, json);
++	enqMsg((uchar *)message, (uchar *) sys_iden_help, facility, severity, &tv, json);
+ 
+ finalize_it:
+ 	free(sys_iden_help);
+@@ -569,6 +614,8 @@ CODESTARTbeginCnfLoad
+ 	cs.stateFile = NULL;
+ 	cs.ratelimitBurst = 20000;
+ 	cs.ratelimitInterval = 600;
++	cs.iDfltSeverity = DFLT_SEVERITY;
++	cs.iDfltFacility = DFLT_FACILITY;
+ ENDbeginCnfLoad
+ 
+ 
+@@ -657,6 +704,17 @@ CODESTARTsetModCnf
+ 			cs.ratelimitInterval = (int) pvals[i].val.d.n;
+ 		} else if (!strcmp(modpblk.descr[i].name, "ignorepreviousmessages")) {
+ 			cs.bIgnorePrevious = (int) pvals[i].val.d.n; 
++		} else if (!strcmp(modpblk.descr[i].name, "defaultseverity")) {
++			cs.iDfltSeverity = (int) pvals[i].val.d.n;
++		} else if (!strcmp(modpblk.descr[i].name, "defaultfacility")) {
++			/* ugly workaround to handle facility numbers; values
++			   derived from names need to be eight times smaller */
++
++			char *fac, *p;
++
++			fac = p = es_str2cstr(pvals[i].val.d.estr, NULL);
++			facilityHdlr((uchar **) &p, (void *) &cs.iDfltFacility);
++			free(fac);
+ 		} else {
+ 			dbgprintf("imjournal: program error, non-handled "
+ 				"param '%s' in beginCnfLoad\n", modpblk.descr[i].name);
+@@ -710,6 +768,10 @@ CODEmodInit_QueryRegCFSLineHdlr
+ 		NULL, &cs.stateFile, STD_LOADABLE_MODULE_ID));
+ 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"imjournalignorepreviousmessages", 0, eCmdHdlrBinary,
+ 		NULL, &cs.bIgnorePrevious, STD_LOADABLE_MODULE_ID)); 
++	CHKiRet(omsdRegCFSLineHdlr((uchar *)"imjournaldefaultseverity", 0, eCmdHdlrSeverity,
++		NULL, &cs.iDfltSeverity, STD_LOADABLE_MODULE_ID));
++	CHKiRet(omsdRegCFSLineHdlr((uchar *)"imjournaldefaultfacility", 0, eCmdHdlrCustomHandler,
++		facilityHdlr, &cs.iDfltFacility, STD_LOADABLE_MODULE_ID));
+ 
+ 
+ ENDmodInit
+-- 
+1.8.4.3
+
diff --git a/SOURCES/rsyslog-7.4.7-bz1052266-dont-link-libee.patch b/SOURCES/rsyslog-7.4.7-bz1052266-dont-link-libee.patch
new file mode 100644
index 0000000..9babd75
--- /dev/null
+++ b/SOURCES/rsyslog-7.4.7-bz1052266-dont-link-libee.patch
@@ -0,0 +1,42 @@
+diff -ur rsyslog-7.4.7.bck2014-01-20.1/runtime/Makefile.am rsyslog-7.4.7.bck2014-01-20/runtime/Makefile.am
+--- rsyslog-7.4.7.bck2014-01-20.1/runtime/Makefile.am	2014-01-20 13:00:47.922000000 -0500
++++ rsyslog-7.4.7.bck2014-01-20/runtime/Makefile.am	2014-01-20 12:57:44.048000000 -0500
+@@ -102,8 +102,8 @@
+ librsyslog_la_CPPFLAGS = -DSD_EXPORT_SYMBOLS -D_PATH_MODDIR=\"$(pkglibdir)/\" -I\$(top_srcdir) -I\$(top_srcdir)/grammar
+ endif
+ #librsyslog_la_LDFLAGS = -module -avoid-version
+-librsyslog_la_CPPFLAGS += $(PTHREADS_CFLAGS) $(LIBEE_CFLAGS) $(LIBUUID_CFLAGS) $(JSON_C_CFLAGS) -I\$(top_srcdir)/tools
+-librsyslog_la_LIBADD =  $(DL_LIBS) $(RT_LIBS) $(LIBEE_LIBS) $(LIBUUID_LIBS) $(JSON_C_LIBS)
++librsyslog_la_CPPFLAGS += $(PTHREADS_CFLAGS) $(LIBUUID_CFLAGS) $(JSON_C_CFLAGS) -I\$(top_srcdir)/tools
++librsyslog_la_LIBADD =  $(DL_LIBS) $(RT_LIBS) $(LIBUUID_LIBS) $(JSON_C_LIBS)
+ 
+ #
+ # regular expression support
+diff -ur rsyslog-7.4.7.bck2014-01-20.1/runtime/Makefile.in rsyslog-7.4.7.bck2014-01-20/runtime/Makefile.in
+--- rsyslog-7.4.7.bck2014-01-20.1/runtime/Makefile.in	2014-01-20 13:00:47.924000000 -0500
++++ rsyslog-7.4.7.bck2014-01-20/runtime/Makefile.in	2014-01-20 12:57:44.050000000 -0500
+@@ -650,19 +650,17 @@
+ @WITH_MODDIRS_FALSE@librsyslog_la_CPPFLAGS = -DSD_EXPORT_SYMBOLS \
+ @WITH_MODDIRS_FALSE@	-D_PATH_MODDIR=\"$(pkglibdir)/\" \
+ @WITH_MODDIRS_FALSE@	-I\$(top_srcdir) -I\$(top_srcdir)/grammar \
+-@WITH_MODDIRS_FALSE@	$(PTHREADS_CFLAGS) $(LIBEE_CFLAGS) \
+-@WITH_MODDIRS_FALSE@	$(LIBUUID_CFLAGS) $(JSON_C_CFLAGS) \
+-@WITH_MODDIRS_FALSE@	-I\$(top_srcdir)/tools
++@WITH_MODDIRS_FALSE@	$(PTHREADS_CFLAGS) $(LIBUUID_CFLAGS) \
++@WITH_MODDIRS_FALSE@	$(JSON_C_CFLAGS) -I\$(top_srcdir)/tools
+ # the files with ../ we need to work on - so that they either become part of the
+ # runtime or will no longer be needed. -- rgerhards, 2008-06-13
+ #
+ #librsyslog_la_LDFLAGS = -module -avoid-version
+ @WITH_MODDIRS_TRUE@librsyslog_la_CPPFLAGS = -DSD_EXPORT_SYMBOLS \
+ @WITH_MODDIRS_TRUE@	-D_PATH_MODDIR=\"$(pkglibdir)/:$(moddirs)\" \
+-@WITH_MODDIRS_TRUE@	$(PTHREADS_CFLAGS) $(LIBEE_CFLAGS) \
+-@WITH_MODDIRS_TRUE@	$(LIBUUID_CFLAGS) $(JSON_C_CFLAGS) \
+-@WITH_MODDIRS_TRUE@	-I\$(top_srcdir)/tools
+-librsyslog_la_LIBADD = $(DL_LIBS) $(RT_LIBS) $(LIBEE_LIBS) $(LIBUUID_LIBS) $(JSON_C_LIBS)
++@WITH_MODDIRS_TRUE@	$(PTHREADS_CFLAGS) $(LIBUUID_CFLAGS) \
++@WITH_MODDIRS_TRUE@	$(JSON_C_CFLAGS) -I\$(top_srcdir)/tools
++librsyslog_la_LIBADD = $(DL_LIBS) $(RT_LIBS) $(LIBUUID_LIBS) $(JSON_C_LIBS)
+ @ENABLE_REGEXP_TRUE@lmregexp_la_SOURCES = regexp.c regexp.h
+ @ENABLE_REGEXP_TRUE@lmregexp_la_CPPFLAGS = $(PTHREADS_CFLAGS) $(RSRT_CFLAGS)
+ @ENABLE_REGEXP_TRUE@lmregexp_la_LDFLAGS = -module -avoid-version
diff --git a/SOURCES/rsyslog-7.4.7-bz1053669-imuxsock-wrn.patch b/SOURCES/rsyslog-7.4.7-bz1053669-imuxsock-wrn.patch
new file mode 100644
index 0000000..9974cf6
--- /dev/null
+++ b/SOURCES/rsyslog-7.4.7-bz1053669-imuxsock-wrn.patch
@@ -0,0 +1,39 @@
+From 8e0ac9576056a71dd7ad69157a94d56d433afbf6 Mon Sep 17 00:00:00 2001
+From: Tomas Heinrich <theinric@redhat.com>
+Date: Mon, 20 Jan 2014 16:23:17 +0100
+Subject: [PATCH] imuxsock: don't issue a warning if there are no sockets
+ configured
+
+---
+ plugins/imuxsock/imuxsock.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/plugins/imuxsock/imuxsock.c b/plugins/imuxsock/imuxsock.c
+index df504dd..aadb853 100644
+--- a/plugins/imuxsock/imuxsock.c
++++ b/plugins/imuxsock/imuxsock.c
+@@ -1291,6 +1291,10 @@ CODESTARTactivateCnfPrePrivDrop
+ 	for(inst = runModConf->root ; inst != NULL ; inst = inst->next) {
+ 		addListner(inst);
+ 	}
++	if(runModConf->bOmitLocalLogging && nfd == 1) {
++		/* No sockets were configured, no reason to run. */
++		ABORT_FINALIZE(RS_RET_OK);
++	}
+ 	CHKiRet(activateListeners());
+ finalize_it:
+ ENDactivateCnfPrePrivDrop
+@@ -1329,6 +1333,10 @@ BEGINrunInput
+ #endif
+ 
+ CODESTARTrunInput
++	if(runModConf->bOmitLocalLogging && nfd == 1) {
++		/* No sockets were configured, no reason to run. */
++		ABORT_FINALIZE(RS_RET_OK);
++	}
+ 	/* this is an endless loop - it is terminated when the thread is
+ 	 * signalled to do so. This, however, is handled by the framework,
+ 	 * right into the sleep below.
+-- 
+1.8.4.3
+
diff --git a/SOURCES/rsyslog-7.4.7-bz1054171-omjournal-warning.patch b/SOURCES/rsyslog-7.4.7-bz1054171-omjournal-warning.patch
new file mode 100644
index 0000000..6d4a18a
--- /dev/null
+++ b/SOURCES/rsyslog-7.4.7-bz1054171-omjournal-warning.patch
@@ -0,0 +1,25 @@
+From e921bfe82068a1767311181ad7f4c78ed86e2577 Mon Sep 17 00:00:00 2001
+From: Tomas Heinrich <theinric@redhat.com>
+Date: Thu, 16 Jan 2014 11:43:55 +0100
+Subject: [PATCH] bugfix: invert the logic for issuing a warning
+
+---
+ plugins/omjournal/omjournal.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/plugins/omjournal/omjournal.c b/plugins/omjournal/omjournal.c
+index 160c369..937d277 100644
+--- a/plugins/omjournal/omjournal.c
++++ b/plugins/omjournal/omjournal.c
+@@ -153,7 +153,7 @@ ENDdoAction
+ BEGINparseSelectorAct
+ CODESTARTparseSelectorAct
+ CODE_STD_STRING_REQUESTparseSelectorAct(1)
+-	if(strncmp((char*) p, ":omjournal:", sizeof(":omjournal:") - 1)) {
++	if(!strncmp((char*) p, ":omjournal:", sizeof(":omjournal:") - 1)) {
+ 		errmsg.LogError(0, RS_RET_LEGA_ACT_NOT_SUPPORTED,
+ 			"omjournal supports only v6+ config format, use: "
+ 			"action(type=\"omjournal\" ...)");
+-- 
+1.8.4.3
+
diff --git a/SOURCES/rsyslog-7.4.7-numeric-uid.patch b/SOURCES/rsyslog-7.4.7-numeric-uid.patch
new file mode 100644
index 0000000..c9f8310
--- /dev/null
+++ b/SOURCES/rsyslog-7.4.7-numeric-uid.patch
@@ -0,0 +1,129 @@
+From 032fcabdb7f3fc515d8155f48751271535df7b8e Mon Sep 17 00:00:00 2001
+From: Tomas Heinrich <theinric@redhat.com>
+Date: Thu, 5 Dec 2013 19:46:51 +0100
+Subject: [PATCH] Add directives for numerically specifying GIDs/UIDs
+
+The already present directives (FileOwner, FileGroup, DirOwner,
+DirGroup) translate names to numerical IDs, which depends on the user
+information being available during rsyslog's startup. This can fail if
+the information is obtained over a network or from a service such as
+SSSD. The new directives provide a way to specify the numerical IDs
+directly and bypass the lookup.
+---
+ doc/omfile.html              | 12 ++++++++++++
+ doc/rsyslog_conf_global.html |  4 ++++
+ tools/omfile.c               | 16 ++++++++++++++++
+ 3 files changed, 32 insertions(+)
+
+diff --git a/doc/omfile.html b/doc/omfile.html
+index 0f64f26..5f839fe 100644
+--- a/doc/omfile.html
++++ b/doc/omfile.html
+@@ -53,15 +53,27 @@
+ 	<li><strong>DirOwner </strong><br>
+ 	Set the file owner for directories newly created. Please note that this setting does not affect the owner of directories already existing. The parameter is a user name, for which the userid is obtained by rsyslogd during startup processing. Interim changes to the user mapping are not detected.<br></li><br>
+ 
++	<li><strong>DirOwnerNum </strong><br>
++	Set the file owner for directories newly created. Please note that this setting does not affect the owner of directories already existing. The parameter is a numerical ID, which is used regardless of whether the user actually exists. This can be useful if the user mapping is not available to rsyslog during startup.<br></li><br>
++
+ 	<li><strong>DirGroup </strong><br>
+ 	Set the group for directories newly created. Please note that this setting does not affect the group of directories already existing. The parameter is a group name, for which the groupid is obtained by rsyslogd on during startup processing. Interim changes to the user mapping are not detected.<br></li><br>
+ 
++	<li><strong>DirGroupNum </strong><br>
++	Set the group for directories newly created. Please note that this setting does not affect the group of directories already existing. The parameter is a numerical ID, which is used regardless of whether the group actually exists. This can be useful if the group mapping is not available to rsyslog during startup.<br></li><br>
++
+ 	<li><strong>FileOwner </strong><br>
+ 	Set the file owner for files newly created. Please note that this setting does not affect the owner of files already existing. The parameter is a user name, for which the userid is obtained by rsyslogd during startup processing. Interim changes to the user mapping are not detected.<br></li><br>
+ 
++	<li><strong>FileOwnerNum </strong><br>
++	Set the file owner for files newly created. Please note that this setting does not affect the owner of files already existing. The parameter is a numerical ID, which which is used regardless of whether the user actually exists. This can be useful if the user mapping is not available to rsyslog during startup.<br></li><br>
++
+ 	<li><strong>FileGroup </strong><br>
+ 	Set the group for files newly created. Please note that this setting does not affect the group of files already existing. The parameter is a group name, for which the groupid is obtained by rsyslogd during startup processing. Interim changes to the user mapping are not detected.<br></li><br>
+ 
++	<li><strong>$FileGroupNum </strong><br>
++	Set the group for files newly created. Please note that this setting does not affect the group of files already existing. The parameter is a numerical ID, which is used regardless of whether the group actually exists. This can be useful if the group mapping is not available to rsyslog during startup.<br></li><br>
++
+ 	<li><strong>DirCreateMode </strong>[defaul 0700]<br>
+ 	This is the same as $FileCreateMode, but for directories automatically generated.<br></li><br>
+ 
+diff --git a/doc/rsyslog_conf_global.html b/doc/rsyslog_conf_global.html
+index e48ed6d..b9a2ba2 100644
+--- a/doc/rsyslog_conf_global.html
++++ b/doc/rsyslog_conf_global.html
+@@ -136,7 +136,9 @@ our paper on <a href="multi_ruleset.html">using multiple rule sets in rsyslog</a
+ <li><a href="omfile.html"><b>$CreateDirs</b></a> [<b>on</b>/off] - create directories on an as-needed basis</li>
+ <li><a href="omfile.html"><b>$DirCreateMode</b></a></li>
+ <li><a href="omfile.html"><b>$DirGroup</b></a></li>
++<li><a href="omfile.html"><b>$DirGroupNum</b></a></li>
+ <li><a href="omfile.html"><b>$DirOwner</b></a></li>
++<li><a href="omfile.html"><b>$DirOwnerNum</b></a></li>
+ <li><a href="rsconf1_dropmsgswithmaliciousdnsptrrecords.html"><b>$DropMsgsWithMaliciousDnsPTRRecords</b></a></li>
+ <li><a href="rsconf1_droptrailinglfonreception.html"><b>$DropTrailingLFOnReception</b></a></li>
+ <li><a href="omfile.html"><b>$DynaFileCacheSize</b></a></li>
+@@ -148,7 +150,9 @@ our paper on <a href="multi_ruleset.html">using multiple rule sets in rsyslog</a
+ <li><a href="omfile.html"><b>$FailOnChownFailure</b></a></li>
+ <li><a href="omfile.html"><b>$FileCreateMode</b></a></li>
+ <li><a href="omfile.html"><b>$FileGroup</b></a></li>
++<li><a href="omfile.html"><b>$FileGroupNum</b></a></li>
+ <li><a href="omfile.html"><b>$FileOwner</b></a></li>
++<li><a href="omfile.html"><b>$FileOwnerNum</b></a></li>
+ <li><a href="rsconf1_generateconfiggraph.html"><b>$GenerateConfigGraph</b></a></li>
+ <li><a href="rsconf1_gssforwardservicename.html"><b>$GssForwardServiceName</b></a></li>
+ <li><a href="rsconf1_gsslistenservicename.html"><b>$GssListenServiceName</b></a></li>
+diff --git a/tools/omfile.c b/tools/omfile.c
+index 3dca347..fd14cb5 100644
+--- a/tools/omfile.c
++++ b/tools/omfile.c
+@@ -233,9 +233,13 @@ static struct cnfparamdescr actpdescr[] = {
+ 	{ "flushontxend", eCmdHdlrBinary, 0 }, /* legacy: omfileflushontxend */
+ 	{ "iobuffersize", eCmdHdlrSize, 0 }, /* legacy: omfileiobuffersize */
+ 	{ "dirowner", eCmdHdlrUID, 0 }, /* legacy: dirowner */
++	{ "dirownernum", eCmdHdlrInt, 0 }, /* legacy: dirownernum */
+ 	{ "dirgroup", eCmdHdlrGID, 0 }, /* legacy: dirgroup */
++	{ "dirgroupnum", eCmdHdlrInt, 0 }, /* legacy: dirgroupnum */
+ 	{ "fileowner", eCmdHdlrUID, 0 }, /* legacy: fileowner */
++	{ "fileownernum", eCmdHdlrInt, 0 }, /* legacy: fileownernum */
+ 	{ "filegroup", eCmdHdlrGID, 0 }, /* legacy: filegroup */
++	{ "filegroupnum", eCmdHdlrInt, 0 }, /* legacy: filegroupnum */
+ 	{ "dircreatemode", eCmdHdlrFileCreateMode, 0 }, /* legacy: dircreatemode */
+ 	{ "filecreatemode", eCmdHdlrFileCreateMode, 0 }, /* legacy: filecreatemode */
+ 	{ "failonchownfailure", eCmdHdlrBinary, 0 }, /* legacy: failonchownfailure */
+@@ -1139,12 +1143,20 @@ CODESTARTnewActInst
+ 			pData->iIOBufSize = (int) pvals[i].val.d.n;
+ 		} else if(!strcmp(actpblk.descr[i].name, "dirowner")) {
+ 			pData->dirUID = (int) pvals[i].val.d.n;
++		} else if(!strcmp(actpblk.descr[i].name, "dirownernum")) {
++			pData->dirUID = (int) pvals[i].val.d.n;
+ 		} else if(!strcmp(actpblk.descr[i].name, "dirgroup")) {
+ 			pData->dirGID = (int) pvals[i].val.d.n;
++		} else if(!strcmp(actpblk.descr[i].name, "dirgroupnum")) {
++			pData->dirGID = (int) pvals[i].val.d.n;
+ 		} else if(!strcmp(actpblk.descr[i].name, "fileowner")) {
+ 			pData->fileUID = (int) pvals[i].val.d.n;
++		} else if(!strcmp(actpblk.descr[i].name, "fileownernum")) {
++			pData->fileUID = (int) pvals[i].val.d.n;
+ 		} else if(!strcmp(actpblk.descr[i].name, "filegroup")) {
+ 			pData->fileGID = (int) pvals[i].val.d.n;
++		} else if(!strcmp(actpblk.descr[i].name, "filegroupnum")) {
++			pData->fileGID = (int) pvals[i].val.d.n;
+ 		} else if(!strcmp(actpblk.descr[i].name, "dircreatemode")) {
+ 			pData->fDirCreateMode = (int) pvals[i].val.d.n;
+ 		} else if(!strcmp(actpblk.descr[i].name, "filecreatemode")) {
+@@ -1377,9 +1389,13 @@ INITLegCnfVars
+ 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"omfileflushontxend", 0, eCmdHdlrBinary, NULL, &cs.bFlushOnTXEnd, STD_LOADABLE_MODULE_ID));
+ 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"omfileiobuffersize", 0, eCmdHdlrSize, NULL, &cs.iIOBufSize, STD_LOADABLE_MODULE_ID));
+ 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"dirowner", 0, eCmdHdlrUID, NULL, &cs.dirUID, STD_LOADABLE_MODULE_ID));
++	CHKiRet(omsdRegCFSLineHdlr((uchar *)"dirownernum", 0, eCmdHdlrInt, NULL, &cs.dirUID, STD_LOADABLE_MODULE_ID));
+ 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"dirgroup", 0, eCmdHdlrGID, NULL, &cs.dirGID, STD_LOADABLE_MODULE_ID));
++	CHKiRet(omsdRegCFSLineHdlr((uchar *)"dirgroupnum", 0, eCmdHdlrInt, NULL, &cs.dirGID, STD_LOADABLE_MODULE_ID));
+ 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"fileowner", 0, eCmdHdlrUID, NULL, &cs.fileUID, STD_LOADABLE_MODULE_ID));
++	CHKiRet(omsdRegCFSLineHdlr((uchar *)"fileownernum", 0, eCmdHdlrInt, NULL, &cs.fileUID, STD_LOADABLE_MODULE_ID));
+ 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"filegroup", 0, eCmdHdlrGID, NULL, &cs.fileGID, STD_LOADABLE_MODULE_ID));
++	CHKiRet(omsdRegCFSLineHdlr((uchar *)"filegroupnum", 0, eCmdHdlrInt, NULL, &cs.fileGID, STD_LOADABLE_MODULE_ID));
+ 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"dircreatemode", 0, eCmdHdlrFileCreateMode, NULL, &cs.fDirCreateMode, STD_LOADABLE_MODULE_ID));
+ 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"filecreatemode", 0, eCmdHdlrFileCreateMode, NULL, &cs.fCreateMode, STD_LOADABLE_MODULE_ID));
+ 	CHKiRet(omsdRegCFSLineHdlr((uchar *)"createdirs", 0, eCmdHdlrBinary, NULL, &cs.bCreateDirs, STD_LOADABLE_MODULE_ID));
+-- 
+1.8.4.3
+
diff --git a/SOURCES/rsyslog-7.4.7-omelasticsearch-atomic-inst.patch b/SOURCES/rsyslog-7.4.7-omelasticsearch-atomic-inst.patch
new file mode 100644
index 0000000..a553cf8
--- /dev/null
+++ b/SOURCES/rsyslog-7.4.7-omelasticsearch-atomic-inst.patch
@@ -0,0 +1,48 @@
+From c1cae8d67c58d723bff0d6c47b9991d24289e209 Mon Sep 17 00:00:00 2001
+From: Tomas Heinrich <theinric@redhat.com>
+Date: Sun, 12 Jan 2014 22:10:00 +0100
+Subject: [PATCH] bugfix: omelasticsearch did not compile on platforms without
+ atomic instructions
+
+Adapted from from http://git.adiscon.com/?p=rsyslog.git;a=commitdiff;h=16207e3d55ac6bb15af6d50791d2c7462816de57
+---
+ plugins/omelasticsearch/omelasticsearch.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/plugins/omelasticsearch/omelasticsearch.c b/plugins/omelasticsearch/omelasticsearch.c
+index b82968d..cc3c203 100644
+--- a/plugins/omelasticsearch/omelasticsearch.c
++++ b/plugins/omelasticsearch/omelasticsearch.c
+@@ -608,7 +608,7 @@ curlPost(instanceData *pData, uchar *message, int msglen, uchar **tpls, int nmsg
+ 		case CURLE_COULDNT_RESOLVE_PROXY:
+ 		case CURLE_COULDNT_CONNECT:
+ 		case CURLE_WRITE_ERROR:
+-			STATSCOUNTER_INC(indexHTTPReqFail, mutHTTPReqFail);
++			STATSCOUNTER_INC(indexHTTPReqFail, mutIndexHTTPReqFail);
+ 			indexHTTPFail += nmsgs;
+ 			DBGPRINTF("omelasticsearch: we are suspending ourselfs due "
+ 				  "to failure %lld of curl_easy_perform()\n",
+@@ -1001,16 +1001,16 @@ CODEmodInit_QueryRegCFSLineHdlr
+ 	/* support statistics gathering */
+ 	CHKiRet(statsobj.Construct(&indexStats));
+ 	CHKiRet(statsobj.SetName(indexStats, (uchar *)"omelasticsearch"));
+-	STATSCOUNTER_INIT(indexSubmit, mutCtrIndexSubmit);
++	STATSCOUNTER_INIT(indexSubmit, mutIndexSubmit);
+ 	CHKiRet(statsobj.AddCounter(indexStats, (uchar *)"submitted",
+ 		ctrType_IntCtr, &indexSubmit));
+-	STATSCOUNTER_INIT(indexHTTPFail, mutCtrIndexHTTPFail);
++	STATSCOUNTER_INIT(indexHTTPFail, mutIndexHTTPFail);
+ 	CHKiRet(statsobj.AddCounter(indexStats, (uchar *)"failed.http",
+ 		ctrType_IntCtr, &indexHTTPFail));
+-	STATSCOUNTER_INIT(indexHTTPReqFail, mutCtrIndexHTTPReqFail);
++	STATSCOUNTER_INIT(indexHTTPReqFail, mutIndexHTTPReqFail);
+ 	CHKiRet(statsobj.AddCounter(indexStats, (uchar *)"failed.httprequests",
+ 		ctrType_IntCtr, &indexHTTPReqFail));
+-	STATSCOUNTER_INIT(indexESFail, mutCtrIndexESFail);
++	STATSCOUNTER_INIT(indexESFail, mutIndexESFail);
+ 	CHKiRet(statsobj.AddCounter(indexStats, (uchar *)"failed.es",
+ 		ctrType_IntCtr, &indexESFail));
+ 	CHKiRet(statsobj.ConstructFinalize(indexStats));
+-- 
+1.8.4.3
+
diff --git a/SOURCES/rsyslog.conf b/SOURCES/rsyslog.conf
index 6972b4d..735472d 100644
--- a/SOURCES/rsyslog.conf
+++ b/SOURCES/rsyslog.conf
@@ -1,4 +1,4 @@
-# rsyslog v5 configuration file
+# rsyslog configuration file
 
 # For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html
 # If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html
@@ -8,7 +8,7 @@
 # The imjournal module bellow is now used as a message source instead of imuxsock.
 $ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
 $ModLoad imjournal # provides access to the systemd journal
-$ModLoad imklog   # provides kernel logging support (previously done by rklogd)
+#$ModLoad imklog # reads kernel messages (the same are read from journald)
 #$ModLoad immark  # provides --MARK-- message capability
 
 # Provides UDP syslog reception
diff --git a/SPECS/rsyslog.spec b/SPECS/rsyslog.spec
index e7441ad..c71e53f 100644
--- a/SPECS/rsyslog.spec
+++ b/SPECS/rsyslog.spec
@@ -1,5 +1,3 @@
-%global _exec_prefix %{nil}
-%global _libdir %{_exec_prefix}/%{_lib}
 %define rsyslog_statedir %{_sharedstatedir}/rsyslog
 %define rsyslog_pkidir %{_sysconfdir}/pki/rsyslog
 %if 0%{?rhel} >= 7
@@ -14,8 +12,8 @@
 
 Summary: Enhanced system logging and kernel message trapping daemon
 Name: rsyslog
-Version: 7.4.2
-Release: 4%{?dist}
+Version: 7.4.7
+Release: 6%{?dist}
 License: (GPLv3+ and ASL 2.0)
 Group: System Environment/Daemons
 URL: http://www.rsyslog.com/
@@ -28,13 +26,22 @@ Patch0: rsyslog-7.4.1-sd-service.patch
 Patch1: rsyslog-7.2.2-manpage-dbg-mode.patch
 # prevent modification of trusted properties (proposed upstream)
 Patch2: rsyslog-7.2.1-msg_c_nonoverwrite_merge.patch
+# sent upstream
+Patch3: rsyslog-7.4.7-bz1053669-imuxsock-wrn.patch
+# sent upstream
+Patch5: rsyslog-7.4.7-bz1030044-remove-ads.patch
 # merged upstream
-Patch3: rsyslog-7.3.15-imuxsock-warning.patch
-Patch4: rsyslog-7.4.2-imuxsock-rfc3339.patch
+Patch6: rsyslog-7.4.7-numeric-uid.patch
+# adapted from http://git.adiscon.com/?p=rsyslog.git;a=commitdiff;h=16207e3d55ac6bb15af6d50791d2c7462816de57
+Patch7: rsyslog-7.4.7-omelasticsearch-atomic-inst.patch
+Patch8: rsyslog-7.4.7-bz1052266-dont-link-libee.patch
+Patch9: rsyslog-7.4.7-bz1054171-omjournal-warning.patch
+Patch10: rsyslog-7.4.7-bz1038136-imjournal-message-loss.patch
 
 BuildRequires: bison
 BuildRequires: flex
 BuildRequires: json-c-devel
+BuildRequires: libestr-devel >= 0.1.9
 BuildRequires: libuuid-devel
 BuildRequires: pkgconfig
 BuildRequires: python-docutils
@@ -84,7 +91,7 @@ Requires: %name = %version-%release
 Summary: Log normalization support for rsyslog
 Group: System Environment/Daemons
 Requires: %name = %version-%release
-BuildRequires: libestr-devel libee-devel liblognorm-devel
+BuildRequires: libee-devel liblognorm-devel
 
 %package mmaudit
 Summary: Message modification module supporting Linux audit format
@@ -106,6 +113,7 @@ BuildRequires: libdbi-devel
 Summary: MySQL support for rsyslog
 Group: System Environment/Daemons
 Requires: %name = %version-%release
+BuildRequires: mysql >= 4.0
 BuildRequires: mysql-devel >= 4.0
 
 %if %{want_mongodb}
@@ -169,7 +177,7 @@ advanced features suitable for enterprise-class, encryption-protected syslog
 relay chains.
 
 %description crypto
-This package containes a module providing log file encryption and a
+This package contains a module providing log file encryption and a
 command line tool to process encrypted logs.
 
 %description doc
@@ -253,7 +261,12 @@ of source ports.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
-%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
 
 %build
 %ifarch sparc64
@@ -335,6 +348,9 @@ rm -f %{buildroot}%{_libdir}/rsyslog/*.la
 # get rid of socket activation by default
 sed -i '/^Alias/s/^/;/;/^Requires=syslog.socket/s/^/;/' %{buildroot}%{_unitdir}/rsyslog.service
 
+# convert line endings from "\r\n" to "\n"
+cat tools/recover_qi.pl | tr -d '\r' > %{buildroot}%{_bindir}/rsyslog-recover-qi.pl
+
 %post
 for n in /var/log/{messages,secure,maillog,spooler}
 do
@@ -357,7 +373,9 @@ done
 %dir %{rsyslog_statedir}
 %dir %{rsyslog_pkidir}
 %{_sbindir}/rsyslogd
-%{_mandir}/*/*
+%attr(755,root,root) %{_bindir}/rsyslog-recover-qi.pl
+%{_mandir}/man5/rsyslog.conf.5.gz
+%{_mandir}/man8/rsyslogd.8.gz
 %{_unitdir}/rsyslog.service
 %config(noreplace) %{_sysconfdir}/rsyslog.conf
 %config(noreplace) %{_sysconfdir}/sysconfig/rsyslog
@@ -396,10 +414,13 @@ done
 %{_libdir}/rsyslog/pmsnare.so
 
 %files crypto
+%defattr(-,root,root)
 %{_bindir}/rscryutil
+%{_mandir}/man1/rscryutil.1.gz
 %{_libdir}/rsyslog/lmcry_gcry.so
 
 %files doc
+%defattr(-,root,root)
 %doc doc/*html
 
 %files elasticsearch
@@ -479,6 +500,68 @@ done
 %{_libdir}/rsyslog/omudpspoof.so
 
 %changelog
+* Wed Mar 26 2014 Tomas Heinrich <theinric@redhat.com> 7.4.7-6
+- disable the imklog plugin by default
+  the patch for rhbz#1038136 caused duplication of kernel messages since the
+  messages read by the imklog plugin were now also pulled in from journald
+  resolves: #1078654
+
+* Wed Feb 19 2014 Tomas Heinrich <theinric@redhat.com> 7.4.7-5
+- move the rscryutil man page to the crypto subpackage
+  resolves: #1056565
+- add a patch to prevent message loss in imjournal
+  rsyslog-7.4.7-bz1038136-imjournal-message-loss.patch
+  resolves: #1038136
+
+* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 7.4.7-4
+- Mass rebuild 2014-01-24
+
+* Mon Jan 20 2014 Tomas Heinrich <theinric@redhat.com> 7.4.7-3
+- replace rsyslog-7.3.15-imuxsock-warning.patch
+  with rsyslog-7.4.7-bz1053669-imuxsock-wrn.patch
+  resolves: #1053669
+- add rsyslog-7.4.7-bz1052266-dont-link-libee.patch to prevent
+  linking the main binary with libee
+  resolves: #1052266
+- add rsyslog-7.4.7-bz1054171-omjournal-warning.patch to fix
+  a condition for issuing a warning in omjournal
+  resolves: #1054171
+- drop the "v5" string from the conf file as it's misleading
+  resolves: #1040036
+
+* Wed Jan 15 2014 Honza Horak <hhorak@redhat.com> - 7.4.7-2
+- Rebuild for mariadb-libs
+  Related: #1045013
+
+* Mon Jan 06 2014 Tomas Heinrich <theinric@redhat.com> 7.4.7-1
+- rebase to 7.4.7
+  add requirement on libestr >= 0.1.9
+  resolves: #836485
+  resolves: #1020854
+  resolves: #1040036
+- drop patch 4; not needed anymore
+  rsyslog-7.4.2-imuxsock-rfc3339.patch
+- install the rsyslog-recover-qi.pl tool
+- fix a typo in a package description
+- add missing defattr directives
+- add a patch to remove references to Google ads in the html docs
+  rsyslog-7.4.7-bz1030044-remove-ads.patch
+  Resolves: #1030043
+- add a patch to allow numeric specification of UIDs/GUIDs
+  rsyslog-7.4.7-numeric-uid.patch
+  resolves: #1032198
+- change the installation prefix to "/usr"
+  resolves: #1032223
+- fix a bad date in the changelog
+  resolves: #1043622
+- resolve a build issue with missing mysql_config by adding
+  additional BuildRequires for the mysql package
+- add a patch to resolve build issue on ppc
+  rsyslog-7.4.7-omelasticsearch-atomic-inst.patch
+
+* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 7.4.2-5
+- Mass rebuild 2013-12-27
+
 * Wed Nov 06 2013 Tomas Heinrich <theinric@redhat.com> 7.4.2-4
 - add a patch to fix issues with rfc 3339 timestamp parsing
   resolves: #1020826
@@ -486,7 +569,7 @@ done
 * Fri Jul 12 2013 Jan Safranek <jsafrane@redhat.com> - 7.4.2-3
 - Rebuilt for new net-snmp
 
-* Tue Jul 10 2013 Tomas Heinrich <theinric@redhat.com> 7.4.2-2
+* Wed Jul 10 2013 Tomas Heinrich <theinric@redhat.com> 7.4.2-2
 - make compilation of the rabbitmq plugin optional
   resolves: #978919