check process rsyslogd matching /usr/sbin/rsyslogd
   group system
   group rsyslogd
   start program = "/usr/bin/systemctl start rsyslog"
   stop  program = "/usr/bin/systemctl stop rsyslog"
   if 5 restarts with 5 cycles then timeout
   depend on rsyslogd_bin
   depend on rsyslog_file

 check file rsyslogd_bin with path /usr/sbin/rsyslogd
   group rsyslogd
   include /etc/monit/templates/rootbin

 check file rsyslog_file with path /var/log/syslog
   group rsyslogd
   # Note: activate the immark plugin for rsyslog if
   # your system is too low on events.
   if timestamp > 65 minutes then alert
   if failed permission 640  then unmonitor
   if failed uid root        then unmonitor
   if failed gid adm         then unmonitor