diff --git a/handlers/main.yml b/handlers/main.yml
index f76334e11acd602026e4ceabacc459290f780d7e..88da02775c65d46ae09579ce055fbff1a193124e 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -37,23 +37,23 @@
       listen: "save iptables rules"
 
 - name: restart exim
-  ansible.builtin.systemd:
+  ansible.builtin.systemd_service:
     name: "exim4"
     state: reloaded
     enabled: true
 
 - name: restart postfix
-  ansible.builtin.service:
+  ansible.builtin.systemd_service:
     name: "postfix"
     state: reloaded
 
 - name: restart sshd
-  ansible.builtin.systemd:
+  ansible.builtin.systemd_service:
     name: "sshd"
     state: reloaded
 
 - name: reload journald configuration
-  ansible.builtin.systemd:
+  ansible.builtin.systemd_service:
     name: "systemd-journald"
     state: restarted
 
@@ -62,18 +62,24 @@
   changed_when: false
 
 - name: restart logrotate.service
-  ansible.builtin.systemd:
+  ansible.builtin.systemd_service:
     name: "logrotate.service"
     state: reloaded
   when: ansible_os_family == "Debian"
   changed_when: false
 
 - name: restart zramswap
-  ansible.builtin.systemd:
+  ansible.builtin.systemd_service:
     name: "zramswap.service"
     state: restarted
     daemon_reload: true
 
+- name: restart rsyslog
+  ansible.builtin.systemd_service:
+    name: "rsyslog.service"
+    state: restarted:
+  changed_when: false
+
 - name: udev-Regel bekannt machen    # noqa no-changed-when
   ansible.builtin.command: "udevadm control --reload"
 
diff --git a/tasks/configure_syslog_server_logging.yml b/tasks/configure_syslog_server_logging.yml
index a6b1a9a96a0b10c4eff41878897ef435f75637b4..f973c232e4ef64ad8b408ce53e8b78edfaa79cac 100644
--- a/tasks/configure_syslog_server_logging.yml
+++ b/tasks/configure_syslog_server_logging.yml
@@ -1,15 +1,21 @@
 ---
-- name: Logging auf Syslog-Server einrichten
+- name: Configure remote syslogging to Graylog.
   ansible.builtin.lineinfile:
     dest: "/etc/rsyslog.conf"
     line: "{{ item }}"
   loop:
-    - '$template GRAYLOGRFC5424,"<%PRI%>%PROTOCOL-VERSION% %TIMESTAMP:::date-rfc3339% %HOSTNAME% %APP-NAME% %PROCID% %MSGID% %STRUCTURED-DATA% %msg%\n"'
-    - '*.* @{{ vault_syslog_url }}:{{ vault_syslog_port }};RSYSLOG_SyslogProtocol23Format'
-- name: Logging auf Syslog-Server einrichten
+    # we only log desired information to not bust our log server
+    # e.g. we don't want a message for every cron job run
+    - "auth,authpriv.*;daemon.6 @{{ vault_syslog_url }}:{{ vault_syslog_port }};RSYSLOG_SyslogProtocol23Format"
+  notify: restart rsyslog
+
+- name: Remove old configs for remote syslogging to Graylog.
   ansible.builtin.lineinfile:
     dest: "/etc/rsyslog.conf"
     line: "{{ item }}"
     state: absent
   loop:
     - '$template GRAYLOGRFC5424,"<%PRI%>%PROTOCOL-VERSION% %TIMESTAMP:::date-rfc3339% %HOSTNAME% %APP-NAME% %PROCID% %MSGID% %STRUCTURED-DATA% %msg%\\n"'
+    - '$template GRAYLOGRFC5424,"<%PRI%>%PROTOCOL-VERSION% %TIMESTAMP:::date-rfc3339% %HOSTNAME% %APP-NAME% %PROCID% %MSGID% %STRUCTURED-DATA% %msg%\n"'
+    - '*.* @sdvgraylog.slub-dresden.de:1514;RSYSLOG_SyslogProtocol23Format'
+  notify: restart rsyslog