On 7/15/05, Balazs Scheidler <bazsi@balabit.hu> wrote:
On Fri, 2005-07-15 at 10:15 +0200, Philipp Durrer wrote:
I'm new to syslog-ng and i would like to put all hosts which sending thier logs to the server in one file without the logs. So i got only the hostnames and/or Ip's in the file as a list (each line a new host ?). And the second list should contain all IP Networks of the senders.
While syslog-ng doesn't do this today, you can accomplish what you are looking for by a destination with a template and an external script (pseudocode follows): destination d_hostlist { program("/usr/local/libexec/hostlist.sh" template("$HOST\n") ); } And in hostlist.sh: #!/bin/sh # Append one host read from stdin to a list of 'seen' hosts. # outfile="/var/tmp/hosts.txt" # Change this!!!! touch outfile read host grep -q -x $host $outfile || exit echo $host >> $outfile exit ###EOF### This is very much sub-optimal, very inefficient. A pipe would be slightly better.
can someone help me or say me thats not possible to make the list ?
it is not currently possible. however I'm thinking about adding this feature.
One approach that adds value could be to add an internal table tracking source hosts and the last time a message was received from each host. This table could be then be written out to internal() at the stats() interval. perhaps with a lower priority level? Kevin Kadow (P.S. Is there a public URL for tracking syslog-ng feature requests?)