[syslog-ng]Logging to a specific destination
syslog-ng@lists.balabit.hu
syslog-ng@lists.balabit.hu
Thu, 12 Aug 2004 03:48:11 +0100
I had this same problem with BIND. I just set up a filter that matched
named, and one that did the opposite.
destination named { file("/var/log/local/$YEAR/$MONTH/$DAY/named.log"); };
filter f_named {
match("named");
};
filter f_nonamed {
not match("named");
};
For the logging section, something like this:
log {
source(localsrc);
filter(f_daemon);
filter(f_no_stats);
filter(f_nonamed);
destination(daemon);
};
(for ordinary daemon logs)
log {
source(localsrc);
filter(f_daemon);
filter(f_named);
filter(f_no_stats);
destination(named);
};
(for named specifically).
Works perfectly. It's just a matter of finding the one crucial element that
differentiates one type of log from another (named is easy, it prints [named]
in every log). Good luck.
mark
On Wed, Aug 11, 2004 at 09:28:08PM -0500, Anoop Rajendra wrote:
> I need to log all messages from iptables, ipmasq to a particular file
> (say iptables.log) and to that only and nothing else. Is there a way to
> specifically define this, ie say that messages from this daemon should
> go nowhere else?
>
> Thanks,
> Anoop ///
> ________________________________________________
> To be is to program.
>
> _______________________________________________
> syslog-ng maillist - syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>