How to split logs in the default folders?
Hi, I'm not yet able to store my log by ip address. Can someone help me? How can I redirect everything that comes from a unique ip address (from LAN) to a folder I created? eg.: 192.168.1.1 (host1) == logs ==> 192.168.1.2 (syslog-ng-server )--->/ var/log/hosts/192.168.1.1 Tks and merry xmas!!! Tokie E' nata indoona: chiama, videochiama e messaggia Gratis. Scarica indoona per iPhone, Android e PC: http://www.indoona.com/
Look at the macros in the documentation. You could use $HOST (which parses the host name from the syslog header) or $HOST_FROM (which takes the host that sent the syslog packet). and define the destination: destination d_separatedbyhosts { file( "/var/log/$HOST_FROM/$HOST.messages"); }; seriously - there are lots of examples out there Jim On Fri, 2011-12-23 at 11:56 +0100, tokie@tiscali.it wrote:
Hi, I'm not yet able to store my log by ip address.
Can someone help me? How can I redirect everything that comes from a unique ip address (from LAN) to a folder I created? eg.: 192.168.1.1 (host1) == logs ==> 192.168.1.2 (syslog-ng-server )--->/ var/log/hosts/192.168.1.1
Tks and merry xmas!!!
Tokie
E' nata indoona: chiama, videochiama e messaggia Gratis. Scarica indoona per iPhone, Android e PC: http://www.indoona.com/ ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
participants (2)
-
Jim
-
tokie@tiscali.it