Dejan Muhamedagic <dejan@suse.de> writes:
We have a kind of machinery which collects syslog logs from several hosts. Currently it works by sending a message using logger(1) to the given facility.severity and then looking up the message in log files in /var/log and a few other directories (using grep).
I'm looking for a more robust and faster way to discover the destination. Would that be possible with syslog-ng? And which is the optimal way to achieve that? An extra syslog-ng option? An extra binary? Or perhaps using logger(1)?
I don't quite get the question, I'm afraid. So, let's clarify what you have, and what you want to accomplish: If I understood you correctly, you have a set of hosts sending logs to wherever, and every host's messages end up in the same file (depending on facility.severity), and you want to split them by host?

--
|8]