[syslog-ng]Remote log receive
MiikaT
syslog-ng@lists.balabit.hu
Wed, 30 Jul 2003 19:51:38 +0300
Lainaus Mark Knirk <syslog-ng@decep.net>:
> Here is a snippit of what I do this setup a listener, create a
> destination file based upon the host and date, the filter logs only on
> the host which the log came from.
Here's what I tried:
source s_udp { udp(ip("0.0.0.0") port(514));
filter f_gnatbox { host("fw-fxp3"); };
destination d_gnatbox {
file("/var/log/gnatbox/$HOST/$YEAR/$MONTH/$FULLDATE.log" owner
(root) group(logs) perm(0640) dir_perm(0770) create_dirs(yes$
};
log { source(s_udp); filter(f_gnatbox); destination(d_gnatbox);};
Tcpdump displays that syslog messages are sent to syslog-ng:
19:48:47.968036 fw-fxp3.syslog > localhost.syslog: udp 123
But no files or folders are created under /var/log/gnatbox. With
standard syslog I know that I can create three different log files
based on local0.* local1.* local2.*.
-MiikaT