[syslog-ng] Remote loging and facility seperation of incoming logs.
Balazs Scheidler
bazsi@balabit.hu
Tue, 31 Aug 1999 22:53:02 +0200
On Tue, Aug 31, 1999 at 10:40:44AM -0400, deant@stsi.net wrote:
> Salutations all,
>
> I am attempting to set up a network log server for our Debian and
> RedHat servers. I can cause the other boxen to send the information
> to the log server. The log server receives the packets. However, I
> am having some difficulty separating the inbound packets by box and
> routing them to different files by facility. Any assistance would
> be appreciated.
Instead of filtering based on facility, use the host() filter to sort
messages belonging to different hosts to different destinations:
source s_net { udp(); };
filter f_host1 { host("host1");
destination d_host1 { file("/var/log/host1/messages"); };
log { source(s_net); filter(f_host1); destination(d_host1); };
--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
url: http://www.balabit.hu/pgpkey.txt