On Tue, 2009-11-03 at 15:27 +0000, Christopher Barry wrote:
Hi All,
Looking for good config example that: sets up syslog-ng as the central log server catching standard remote syslog hosts logs, placing them in hostname dirs, with all of the remotes hosts logfiles intact in the hostname dirs. Creating 'date' dirs above the hostname dirs would be sweet too.
source s_remote { udp(); }; destination df_catch_all { file("/storage/syslog/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY" owner(root) group(root) perm(0644) dir_perm(0755) create_dirs(yes) ); }; log { source(s_remote); destination(df_catch_all); }; This creates the date directories below the hostnames. (This is not a full config file, just a partial.) Cheers, -- Matt Zagrabelny - mzagrabe@d.umn.edu - (218) 726 8844 University of Minnesota Duluth Information Technology Systems & Services PGP key 1024D/84E22DA2 2005-11-07 Fingerprint: 78F9 18B3 EF58 56F5 FC85 C5CA 53E7 887F 84E2 2DA2 He is not a fool who gives up what he cannot keep to gain what he cannot lose. -Jim Elliot