[syslog-ng]Configure syslog-ng to act as a central logging server

Thu, 31 Mar 2005 10:23:46 -0600

What is the destination?  This syntax is wickedly confusing to me.

Thanks, Ryan

>>>Bill Nash <billn@billn.net> 03/31 10:26 am >>> 

You'll need a log() directive that includes the destination. 

The basic path is: 

Log Source -> Optional Filter -> Destination. 

- billn 

On Thu, 31 Mar 2005, Ryan McCain wrote: 

>Bill, 
> 
>So I can simply add this to my conf. file (modifying owner, group,
perm, 
>dir_perm of course) and it will start accepting logs from remote 
>servers? 
> 
> 
>Where do I specify which hosts to accept logs from (I'd prefer not to 
>use tcp wrappers)? 
> 
>Thanks again, 
>Ryan 
> 
>>>>Bill Nash <billn@billn.net> 03/31 10:15 am >>> 
>On Thu, 31 Mar 2005, Ryan McCain wrote: 
> 
>>I'm starting to understand the syntax.  However, what part of this 
>>statement tells syslog-ng to create a file for each host its receiving

>>logs from? 
> 
>>destination hosts { 
>>file("/var/syslog/HOSTS/$HOST/$YEAR/$MONTH/$HOST-$FACILITY-$YEAR$MONTH$DAY"

> 
>>owner(bob) group(llamafood) perm(0755) dir_perm(0755) 
>create_dirs(yes)); 
> 
> 
>If the file doesn't exist, it will be created. If the directory doesn't

>exist, you need the create_dirs directive. 
> 
>- billn 
> 