[syslog-ng] suggestion: format of logline

[Balazs Scheidler]

> I would like to give as an option the format of the logline.
> It would, for instance, be nice to see the priority and facilty of
> the logline in the log. This way I would not need to have a lot of
> logfiles just so that that I afterwards could find out the priority
> and facility. This would also give me the possibility not to write
> out the host information, as this information is redundant if I
> only have a single host or if each host has its own directory of
> logfiles. Here's an example of such a line:
> 
> Jul 27 04:53:10 daemon  notice  proftpd[7423]: FTP session closed. 
> 
> The configuration option could be something like:
> 
> log_format("%m %d %t %f %l %m");
> 
> where 
> %m = month
> %d = day
> %t = time
> %f = facility
> %l = level
> %m = message

This feature is already planned for 1.3.x. For a summary, here are things
planned for the next development cycle:

- variable substitution in destination file names, for example:
   file("/var/log/%h/messages"); where %h denotes the source host.

- rewrite rules to be applied either before, or after filtering rules are
  applied:
   rewrite r1 { format("..."); };
   rewrite r2 { format("..."); };
   log { source(s1); rewrite(r1); filter(f1); rewrite(r2); destination(d1); };

- program destination, which launches a program with the specified
  parameters and send all messages to its stdin.

- message MAC (message authenticity code), message encryption

- (maybe) encrypted, MAC protected network log forwarding

I plan to release 1.2.0 real soon now, because in the next two months I
won't have much time to work on syslog-ng.

-- 
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
     url: http://www.balabit.hu/pgpkey.txt