[syslog-ng]syslog server for more 8 devices

[A.L.Lambert]

> Hi everybody,
> 
> I setup a syslog server in order to monitoring routeurs and firewalls. I use
> this command :
> logging facility local0
> .....................
> logging facility local7
> 
> so I can only 8 devices and each device sends syslog messages to the
> same log file on my server. Only EIGHT devices?

	This was one of the problems with the 'old' syslogd implementation
being dependant on PRIORITY.FACILITY for it's configuration.  With
syslog-ng, you can have each host log to a different file by using the
host("blah"); directive in filters, or automatically generated placement
names.  An example config snippet for manual configuration would be:


source net { udp(ip(65.192.8.14) port(514)); };

destination routers_d { file("/var/log/routers.log"); };
destination firewall_d { file("/var/log/firewall.log"); };

filter routers { host(x.x.x.x) or host(x.x.x.x); };
filter firewall { host(x.x.x.x); };

log {source(net); filter(routers); destination(routers_d); };
log {source(net); filter(pix); destination(firewall_d); };


	Or another (eaiser to work with) option, is to have things
automatically assigned, would be to setup a destination like:


source net { udp(ip(65.192.8.14) port(514)); };

destination auto { file("/var/log/$HOST/syslog"); };

log { source(net); destination(auto_d);


	Cheers!

-- 
A.L.Lambert 
------------------------------------------------------------------------
The problems that exist in the world today cannot be solved by the level
of thinking that created them...
	-Einstein
------------------------------------------------------------------------