Hi, "Delon Lee Di Lun" <lee.delon2005@gmail.com> írta 2018-05-09 12:11-kor:
I read about the new BSD syslog protocol and IETF syslog protocol, doing comparison on the cost-benifit analysis on "upgrading" to using the protocol.
+1 about the ietf protocol! ;-)
I saw that the new IETF syslog protocol cater for a "APP-NAME" variable. Logically speaking, would I able to read in the logs, specify the "APP-NAME", on the server site, filter out this "APP-NAME"?
I don't really see your point. What's your goal? Process in those log files from apache, then drop them on server side, or what? If you want to channel those log events to a different destination using a filter, then the answer is yes. It could work: you can set anything you want as APP-NAME, and you can filter on it on the server side. Btw.: Using the ietf protocoll syslog-ng also gives you a couple of useful metadata about the read logmessage: It will add a field with the filename and file position where the logevent comes from. Cheers, Gyu