Hi
all,
I'm trying to
transmit a huge log file (of about 80k lines) to a centralized syslog server
over TCP
But, on the syslog
server, I'm receiver only the last part of the log file (of about 7000
lines)
How can I transmit
the whole log file
On client, the
syslog-ng.conf file ...
destination
d_mydest {
tcp("192.168.18.7"
port(5140));
};
source
s_src {
file("/some/huge/file.log" follow_freq(1)
log_prefix("mylogs:"));
};
log
{
source(s_src);
destination(d_mydest);
};
On
server (192.168.18.7) , the conf file ...
source
s_mysrc{
tcp(ip("192.168.18.7")
port(5140) keep-alive(yes));
};
filter f_filter{ match("mylogs:"); };
destination d_mydest
{
file
("/var/log/hosts/$HOST/$YEAR-$MONTH/$YEAR-$MONTH-$DAY/hugefile.log"
owner(root) group(root) perm(0600) dir_perm(0700)
create_dirs(yes)
);
};
log {
source(s_mysrc);
filter(f_filter);
destination(d_mydest);
};
Thanks and regards,
Hidayath