[syslog-ng] How can I get logs without date, time, hostname and facility?
alexch
alexch@gc.lviv.ua
Fri, 4 Oct 2002 14:52:41 +0300
OK.
I have set it up so that my squid's access.log works via syslog-ng. That's nice.
I get the log given below:
-------------cut-----------------
Oct 4 14:34:48 gw squid: 1033731288.219 1234 192.168.1.29 TCP_MISS/000 0 GET http://www.sans.org/infosecFAQ/sec_solaris.htm - NONE/- -
Oct 4 14:34:48 gw squid: 1033731288.755 1764 192.168.1.29 TCP_MISS/200 192 GET http://216.239.33.102/search? - DIRECT/216.239.33.102 text/html
-------------cut-----------------
But I want to get the log without "Oct 4 14:34:48 gw squid:" (date, time, hostname and facility).
How can I do it?
My syslog-ng.conf:
------begin-------------
options {
    keep_hostname(no);
    long_hostnames(off);
    sync(0);
};
#
source src {
    unix-dgram("/var/run/log");
    # udp();
    internal();
    file("/dev/klog");
    udp(ip("192.168.1.7") port(514));
};  # closing brace of the source block was missing
destination hosts {
    file("/var/log/hosts/$HOST/$FACILITY/$MONTH/$DAY/$FACILITY$YEAR$MONTH$DAY"
         owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes));
};
log { source(src); destination(hosts); };
-----end------
Alexander Chernyh
Network Administrator
The Publishing House "Galitsky Kontrakty"
http://www.gc.lviv.ua
E-mail: alexch@gc.lviv.ua
CHA-UANIC: http://uanic.com.ua
ICQ 108387628