[syslog-ng]How can I get logs without date,time hostname and facility ?

Hamilton, Andrew Andrew.Hamilton@afccc.af.mil
Fri, 4 Oct 2002 08:06:57 -0400 

Alex,

Try use the template function to in your destination file definition.  I
haven't used this so I'm not 100% sure of the syntax but you can try the
destination.  You might have to tweak it a bit to get it right.
 
destination hosts {
file("/var/log/hosts/$HOST/$FACILITY/$MONTH/$DAY/$FACILITY$YEAR$MONTH$DAY"
owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes)); };
log { source(src); destination(hosts); template("$MESSAGE\n"); };

Regards,

Drew
-----Original Message-----
From: alexch [mailto:alexch@gc.lviv.ua]
Sent: Friday, October 04, 2002 7:53 AM
To: syslog-ng@lists.balabit.hu
Subject: [syslog-ng]How can I get logs without date,time hostname and
facility ?


Ok
I have done that my squid's access.log works via syslog-ng. That's nice.
I get log given below

-------------cut-----------------
Oct  4 14:34:48 gw squid: 1033731288.219   1234 192.168.1.29 TCP_MISS/000 0
GET http://www.sans.org/infosecFAQ/sec_solaris.htm - NONE/- -
Oct  4 14:34:48 gw squid: 1033731288.755   1764 192.168.1.29 TCP_MISS/200
192 GET http://216.239.33.102/search? - DIRECT/216.239.33.102 text/html
-------------cut-----------------

but I want to get log without "Oct  4 14:34:48 gw squid:" (date,time
hostname and facility)

How can I do it???

my syslog-ng.conf

------begin-------------
options {
        keep_hostname(no);
        long_hostnames(off);
        sync(0);
};
#
source src {
        unix-dgram("/var/run/log");
#       udp();
        internal();
        file("/dev/klog");
        udp(ip("192.168.1.7") port(514));

destination hosts {
file("/var/log/hosts/$HOST/$FACILITY/$MONTH/$DAY/$FACILITY$YEAR$MONTH$DAY"
owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes)); };
log { source(src); destination(hosts); };

-----end------



Alexander Chernyh
Network Administrator
The Publishing House "Galitsky Kontrakty"
http://www.gc.lviv.ua

E-mail:    alexch@gc.lviv.ua
CHA-UANIC:  http://uanic.com.ua
ICQ 108387628


_______________________________________________
syslog-ng maillist  -  syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html