[syslog-ng]Splitting UDP syslog traffic
Eduardo Seudónimo
ohdamnthathurts@yahoo.com
Wed, 13 Feb 2002 14:55:40 -0500
I'm interested in doing a 'tee' to syslog traffic much in the same way that the tee command does to stdout.
I currently have a syslog-ng server that gets a whole lot of traffic sent his way. Because of bandwidth contraints, I do not want to double the traffic flow by sending it to two servers. I would like to have a way to listen for the incoming syslog traffic and redirect each packet to a different IP address while preserving the original packet destined for my syslog box. For each packet that looks like this:
source IP ----> syslog server IP
I want two packets like this:
source IP ----> syslog server IP
source IP ----> syslog server2 IP
This will allow me to send a stream to both servers while preserving the bandwidth to the remote sites. I need to preserve the source IP traffic because I'm using sysng to break it up into seperate paths/files based on source.
Is this possible with NG? It looks like NG will bind to a local address when using the udp destination driver.