[syslog-ng]file() syntax
Christian Korschan
Christian.Korschan@CTBTO.ORG
Tue, 2 Oct 2001 06:25:48 +0000 (GMT)
On Mon, 1 Oct 2001, Nicholas Berry wrote:
> Just for background info, I compiled syslog-ng v1.5.9 under Solaris 8.
>
> I would like to make a statement similar to this:
> log { file("/var/log/$host/$year/$month"); };
> to write the log to "/var/log/ns01/2001/10". I know this is possible by
> several filters, but that would be a ton of filters (especially since
> this will be breaking up at least 20 hosts).
>
I guess you have to use _uppercase_ characters for macros.
Here's how I accomplished this:
[1] Add create_dirs(yes) to global options
Without creat_dirs set to yes syslog-ng will not be able to do what
you want !
[2] Define sources
source local {
sun-streams("/dev/log" door("/etc/.syslog_door"));
internal(); };
[3] define _one_ destination using macros:
Example from my current syslog-ng.conf:
destination local_default {
file("/var/log/$YEAR/$MONTH/$DAY/$PROGRAM")
owner(root)
group(ics)
perm(0640)
dir_perm(0755)); };
... in your case
file("/var/log/$HOST/$YEAR/$MONTH")
should do the job
[4] log to this destination
log { source(local); destination(local_default); };
use filters here if required
regards
--
Christian Korschan Systems Specialist CTBTO/IDC
Vienna International Centre Email: Christian.Korschan@CTBTO.ORG
P.O. BOX 1200 Phone: +43(1)26030 6184
A-1400 Vienna, Austria FAX: +43(1)26030 5932