[syslog-ng] Send logs to upd syslog and rewrite facility
Damien_DeVille at discovery.com
Damien_DeVille at discovery.com
Tue Aug 9 19:11:17 CEST 2005
I'm in a position where I've got a device that uses syslog-ng to filter
multiple events into multiple diferent log files. I need to send the logs
to a central udp syslog server and would like to have all events from this
particular device show up as coming from a specific facility (say local3)
so that they get put into the correct logfile on the central server. I've
figured out that I have to define a destination, filter, and log in
syslog-ng.conf but I haven't figured out how to mark all the logs to that
destination with a specific facility. Is that possible?
For reference here's what I'm looking at in terms of destination, filter,
and log definitions in syslog-ng.conf:
destination d_logger {
udp ("xxx.xxx.xxx.xxx" port(514));
};
filter f_all_logs_net {
facility(auth,authpriv,kern,user,daemon,local0 .. local7) and level(warn
.. emerg);
};
log {
source(syslog-ng);
filter (f_all_logs_net);
destination(d_logger);
};
Thanks in advance.
--
-Damien
Damien DeVille
IT Network Engineer
This e-mail, and any attachment, is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, re-transmission, copying, dissemination or other use of this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. The contents of this message may contain personal views which are not the views of Discovery Communications, Inc. (DCI).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20050809/951c30e5/attachment.html
More information about the syslog-ng
mailing list