persistent link to current file
Is there any way to link the current version of a file to a standard location. If not would it be possible to add this functionality. Here is an example of what i have: destination d_default { file("/var/adm/messages.$YEAR.$MONTH.$DAY") ; } ; However, I have to recreate the symlink in cron every day: ln -s /var/adm/messages.2004.01.13 /var/adm/messages it would be nice if there was an option: destination d_default { file("/var/adm/messages.$YEAR.$MONTH.$DAY" soft_link("/var/adm/messages")) ; } ; if this or something like this has been implemented please let me know. Joe Gainey
On Tue, Jan 13, 2004 at 01:39:20PM -0500, Gainey, Joe (AT-Atlanta) wrote:
Is there any way to link the current version of a file to a standard location. If not would it be possible to add this functionality. Here is an example of what i have:
destination d_default { file("/var/adm/messages.$YEAR.$MONTH.$DAY") ; } ;
However, I have to recreate the symlink in cron every day:
ln -s /var/adm/messages.2004.01.13 /var/adm/messages
it would be nice if there was an option:
destination d_default { file("/var/adm/messages.$YEAR.$MONTH.$DAY" soft_link("/var/adm/messages")) ; } ;
Unless you have too little space to do it this way, I'd log to both: an archive and also /var/log/messages. Just rotate /var/log/messages every day with logrotate (or whatever) and you're set. -- Nate Only through hard work and perseverance can one truly suffer.
I am running syslog-ng v. on Solaris 8. Below is my config file. I am not able to see messages coming in off the wire. If I run syslogd the messages are logged properly. Any help is appreciated. --------Begin config------------- options { long_hostnames(off); sync(0); }; source src { sun-stream("/dev/log" door("/etc/.syslog_door")); internal(); }; source net { udp(); }; destination console { usertty("root"); }; destination 10-1-1-5 { file("/var/log/10-1-1-5"); }; filter f_10-1-1-5 { host("hostname") and match("something"); }; log { source(src); destination(console); }; log { source(src); filter(f_10-1-1-5); destination(10-1-1-5); }; -------------End config----------------- __________________________________ Do you Yahoo!? Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes http://hotjobs.sweepstakes.yahoo.com/signingbonus
On Tue, Jan 13, 2004 at 02:24:51PM -0800, Chance Ellis wrote:
I am running syslog-ng v. on Solaris 8.
Below is my config file. I am not able to see messages coming in off the wire. If I run syslogd the messages are logged properly.
Any help is appreciated.
--------Begin config-------------
options { long_hostnames(off); sync(0); }; source src { sun-stream("/dev/log" door("/etc/.syslog_door")); internal(); }; source net { udp(); }; destination console { usertty("root"); }; destination 10-1-1-5 { file("/var/log/10-1-1-5"); }; filter f_10-1-1-5 { host("hostname") and match("something"); }; log { source(src); destination(console); }; log { source(src); filter(f_10-1-1-5); destination(10-1-1-5); };
You don't have any log statements using the net source. Merge your net and net sources into one, or add a log statement logging the net source. I'd change this: -- snip -- source src { sun-stream("/dev/log" door("/etc/.syslog_door")); internal(); }; source net { udp(); }; -- snip -- ...to this: -- snip -- source src { sun-stream("/dev/log" door("/etc/.syslog_door")); internal(); udp(); }; -- snip -- Now your log statements catch all your input, which is what you seem to expect. -- Nate "Get your facts first, and then you can distort them as much as you please." - Samuel Clemens
That would do it! Thanks --- Nate Campi <nate@campin.net> wrote:
On Tue, Jan 13, 2004 at 02:24:51PM -0800, Chance Ellis wrote:
I am running syslog-ng v. on Solaris 8.
Below is my config file. I am not able to see messages coming in off the wire. If I run syslogd the messages are logged properly.
Any help is appreciated.
--------Begin config-------------
options { long_hostnames(off); sync(0); }; source src { sun-stream("/dev/log" door("/etc/.syslog_door")); internal(); }; source net { udp(); }; destination console { usertty("root"); }; destination 10-1-1-5 { file("/var/log/10-1-1-5"); }; filter f_10-1-1-5 { host("hostname") and match("something"); }; log { source(src); destination(console); }; log { source(src); filter(f_10-1-1-5); destination(10-1-1-5); };
You don't have any log statements using the net source. Merge your net and net sources into one, or add a log statement logging the net source.
I'd change this:
-- snip -- source src { sun-stream("/dev/log" door("/etc/.syslog_door")); internal(); };
source net { udp(); }; -- snip --
...to this:
-- snip -- source src { sun-stream("/dev/log" door("/etc/.syslog_door")); internal(); udp(); }; -- snip --
Now your log statements catch all your input, which is what you seem to expect. -- Nate
"Get your facts first, and then you can distort them as much as you please." - Samuel Clemens
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
__________________________________ Do you Yahoo!? Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes http://hotjobs.sweepstakes.yahoo.com/signingbonus
On Tue, Jan 13, 2004 at 01:39:20PM -0500, Gainey, Joe (AT-Atlanta) wrote:
it would be nice if there was an option:
destination d_default { file("/var/adm/messages.$YEAR.$MONTH.$DAY" soft_link("/var/adm/messages")) ; } ;
That is a nice idea! But until someone writes a patch for it, you might want to try my "loglinks" script (see attached) which should simplify the process. I wrote it for a central syslog server so that I could do this: loglinks /log/hosts /log/archive/hosts/BASENAME/%Y/%m/BASENAME.%Y.%m.%d host1 host2 [..] Which means that /log/hosts/HOSTNAME is always pointing to the right file in /log/archive/hosts/HOSTNAME/........ In your environment, I think the following work if you run it just after midnight out of cron: loglinks /var/adm /var/adm/BASENAME.%Y.%m.%d messages notices maillog Assuming that you're symlinking to those three logfiles. Experiment with it by setting "LOGLINKS_DEBUG=YES" in your environment and it'll just print the symlinks it would create instead of actually calling "ln -s". -- Ed
participants (4)
-
Chance Ellis
-
Ed Ravin
-
Gainey, Joe (AT-Atlanta)
-
Nate Campi