[syslog-ng]$HOST directories
Jeremy Jones
syslog-ng@lists.balabit.hu
22 Apr 2003 14:26:22 -0600
Yeehaw! Thanks, Andrew. Works like a charm with
1.6.0rc2+20030422manual.
Jeremy
On Tue, 2003-04-22 at 14:16, Hamilton, Andrew wrote:
> I probably should have just said a current snapshot.
>
> Drew
>
> -----Original Message-----
> From: Jeremy Jones [mailto:jeremy@samnjack.com]
> Sent: Tuesday, April 22, 2003 4:09 PM
> To: syslog-ng@lists.balabit.hu
> Subject: [syslog-ng]$HOST directories
>
>
> Hello all yalls,
>
> I've been beating my head against a wall for a couple hours here, but
> have yet to figure out how to get syslog-ng to create my $HOST
> directories, or to even use them when I create them manually. When a
> remote host sends it's syslog messages, they just end up in
> /var/log/netlog/whatever.log. There's no indication anywhere else in my
> logs about improper permissions or anything of that sort. I'm trying to
> use version 1.6.0rc2 and libol-0.3.10.
>
> If it's at all interesting, "uname -a" tells me:
>
> Linux <my-secret-hostname> 2.4.20 #1 Wed Mar 26 11:34:49 MST 2003 i686
> unknown
>
> I've gone round and round with all the various dns/hostname related
> options, to no avail. Anyone have any Great Ideas?
>
> Here's some snippets from my syslog-ng.conf file:
>
> options {
> sync(0);
> time_reopen(10);
> log_fifo_size(100);
> keep_hostname (yes);
> dns_cache (yes);
> long_hostnames (yes);
> use_dns (yes);
> use_fqdn (yes);
> chain_hostnames (no);
> create_dirs (yes);
> owner (root);
> group (root);
> stats (600);
> perm (0660);
> dir_owner (root);
> dir_group (root);
> dir_perm (0770);
> use_time_recvd (yes);
> };
>
> <snip>
>
> source net { tcp(); udp(); };
>
>
> destination net_authlog { file("/var/log/netlog/$HOST/auth.log"); };
> destination net_userlog { file("/var/log/netlog/$HOST/user.log"); };
> destination net_bootlog { file("/var/log/netlog/$HOST/boot.log"); };
> destination net_errorlog { file("/var/log/netlog/$HOST/errors.log"); };
> destination net_cronlog { file("/var/log/netlog/$HOST/cron.log"); };
> destination net_kernlog { file("/var/log/netlog/$HOST/kern.log"); };
> destination net_maillog { file("/var/log/netlog/$HOST/mail.log"); };
> destination net_messages { file("/var/log/netlog/$HOST/messages"); };
> destination net_daemonlog { file("/var/log/netlog/$HOST/daemon.log"); };
> destination net_wwwacclog {
> file("/var/log/netlog/data/www/LOGS/$YEAR/$MONTH/www.access.log.$YEAR.$MONTH
> .$DAY");};
> destination net_wwwerrlog {
> file("/var/log/netlog/data/www/LOGS/$YEAR/$MONTH/www.errors.log.$YEAR.$MONTH
> .$DAY");};
>
>
> log { source(net); filter(f_authpriv); destination(net_authlog); };
> log { source(net); filter(f_user); destination(net_userlog); };
> log { source(net); filter(f_boot); destination(net_bootlog); };
> log { source(net); filter(f_err); destination(net_errorlog); };
> log { source(net); filter(f_cron); destination(net_cronlog); };
> log { source(net); filter(f_kern); destination(net_kernlog); };
> log { source(net); filter(f_mail); destination(net_maillog); };
> log { source(net); filter(f_daemon); destination(net_daemonlog); };
> log { source(net); filter(f_messages); destination(net_messages); };
> log { source(net); filter(f_www); filter(f_info);
> destination(net_wwwacclog); };
> log { source(net); filter(f_www); filter(f_err);
> destination(net_wwwerrlog); };
>
> Thanks a million
> Jeremy
>
> <please send inspectors to my country... i think we may have weapons of
> mass destruciton>
>
>
> _______________________________________________
> syslog-ng maillist - syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
> _______________________________________________
> syslog-ng maillist - syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>