2004-02-20, p keltezéssel 08:54-kor Luigi Augello ezt írta:
Hi at all and tanks to “Bazsi” for considering my suggestion “interesting” I think to create some different filter as some as: ... filter green { level(debug..notice); }; filter yellow { level(warning..error); }; filter red { level(alert..panic); }; ... filter auth_red{facility(auth), and filter(red) ; };(I don’t have try but I think that the this syntax is right)
... I would register the name of the filter to have the immediacy of the level of thedanger
I register the logs on a centralized Mysql database. Is more clear my target?
Ok, but how do you think this would be implemented in this case: source s_net {udp(); }; destination d_msg { file("/var/log/messages/messages.$FILTER"); }; filter red { level(alert..panic); }; filter auth { facility(auth); }; log { source(s_net); filter(red); filter(auth); destination(d_msg); }; So what should $FILTER expand to? When you have more than a single filter applied to a log path, expanding $FILTER is not that simple. A limited approach by expanding to the first/last filter is possible, but I don't really like this. -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1