I wish to split the log file into daily basis by means of different file per day according to the received timestamp. Is there any option in syslog-ng can be configured for this. At normal, the log file will grow bigger and bigger and become more difficult to read especially when we want to search for certain event on certain date. By achiving the log into daily file with meaningful filename, it should be much more convenient. Perhaps if syslog-ng do not have this option, is there any workaround or better method to due with this? Regards
On Sun, Nov 18, 2001 at 01:42:35PM -0800, Chee Chew wrote:
I wish to split the log file into daily basis by means of different file per day according to the received timestamp. Is there any option in syslog-ng can be configured for this. At normal, the log file will grow bigger and bigger and become more difficult to read especially when we want to search for certain event on certain date.
By achiving the log into daily file with meaningful filename, it should be much more convenient. Perhaps if syslog-ng do not have this option, is there any workaround or better method to due with this?
In my syslog-ng.conf file I put this: destination hosts { file("/var/log/HOSTS/$HOST/$FACILITY/$YEAR/$MONTH/$DAY/$FACILITY$YEAR$MONTH$DAY" owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes)); }; log { source(src); destination(hosts); }; Read the docs to see what macros are available, you could arrange the archiving any way you like. I documented my setup at http://www.campin.net/newlogcheck.html - you may find it useful. -- Nate Campi http://www.campin.net GnuPG key: 0xC17AEF79 Key fingerprint = BF12 722F 8799 E614 33CC FAB7 5A90 C464 C17A EF79 When you say 'I wrote a program that crashed Windows', people just stare at you blankly and say 'Hey, I got those with the system, for free'
participants (2)
-
Chee Chew
-
Nate Campi