I would like to give as an option the format of the logline. It would, for instance, be nice to see the priority and facilty of the logline in the log. This way I would not need to have a lot of logfiles just so that that I afterwards could find out the priority and facility. This would also give me the possibility not to write out the host information, as this information is redundant if I only have a single host or if each host has its own directory of logfiles. Here's an example of such a line:
Jul 27 04:53:10 daemon notice proftpd[7423]: FTP session closed.
The configuration option could be something like:
log_format("%m %d %t %f %l %m");
where %m = month %d = day %t = time %f = facility %l = level %m = message
This feature is already planned for 1.3.x. For a summary, here are things planned for the next development cycle: - variable substitution in destination file names, for example: file("/var/log/%h/messages"); where %h denotes the source host. - rewrite rules to be applied either before, or after filtering rules are applied: rewrite r1 { format("..."); }; rewrite r2 { format("..."); }; log { source(s1); rewrite(r1); filter(f1); rewrite(r2); destination(d1); }; - program destination, which launches a program with the specified parameters and send all messages to its stdin. - message MAC (message authenticity code), message encryption - (maybe) encrypted, MAC protected network log forwarding I plan to release 1.2.0 real soon now, because in the next two months I won't have much time to work on syslog-ng. -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1 url: http://www.balabit.hu/pgpkey.txt