On my ubuntu 14.04 rsyslogd is using 100% of my CPU (both cores). Even after some google searching I were not able to figure out why rsyslogd is using all of the cpu capacity all the time.
The solution I came up with was this:
service rsyslog stop
sed -i -e 's/^\$ModLoad imklog/#\$ModLoad imklog/g' /etc/rsyslog.conf
service rsyslog start
This fixed the problem but I do not know what I really did there. I were just so frustated (after some hours of googling) that I tried it.
Can someone explain why this worked?
I just had a similar case, and it turns out that the kernel was creating a huge amount of loglines into /var/log/syslog. After I fixed the problem (caused by WPA_supplicant and a wlan0mon left by kismet), the load went away. I would suggest that your solution would only be appropriate if there is no way to fix the root cause, which supposedly is the large amount of error messages from the kernel for syslog