Kevin wrote:
On 7/15/05, Balazs Scheidler <bazsi@balabit.hu> wrote:
On Fri, 2005-07-15 at 10:15 +0200, Philipp Durrer wrote:
I'm new to syslog-ng and i would like to put all hosts which sending thier logs to the server in one file without the logs. So i got only the hostnames and/or Ip's in the file as a list (each line a new host ?). And the second list should contain all IP Networks of the senders.
While syslog-ng doesn't do this today, you can accomplish what you are looking for by a destination with a template and an external script (pseudocode follows):
destination d_hostlist { program("/usr/local/libexec/hostlist.sh" template("$HOST\n") ); }
And in hostlist.sh: #!/bin/sh # Append one host read from stdin to a list of 'seen' hosts. # outfile="/var/tmp/hosts.txt" # Change this!!!! touch outfile read host grep -q -x $host $outfile || exit echo $host >> $outfile exit ###EOF###
This is very much sub-optimal, very inefficient. A pipe would be slightly better.
Or how about: sort < /var/tmp/hosts.txt | uniq > /var/tmp/hosts.out
can someone help me or say me thats not possible to make the list ?
it is not currently possible. however I'm thinking about adding this feature.
One approach that adds value could be to add an internal table tracking source hosts and the last time a message was received from each host.
This table could be then be written out to internal() at the stats() interval. perhaps with a lower priority level?
Kevin Kadow
(P.S. Is there a public URL for tracking syslog-ng feature requests?) _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html