[syslog-ng] logger-ng needed

Evan Rempel erempel at uvic.ca
Mon Oct 10 16:13:51 CEST 2005


This is a little off topic for syslog-ng, but I bring it up here because
syslog-ng has 90% of the code already written to accomplish this.

I need a tool to get data into my syslog-ng architecture. There are a
number of programs that log to files or that standard output only. I can
use tools like chronolog to manage the rollover of the files but that does
not get the data into syslog-ng. I can pipe the data into "logger
-pxxx.yyy -tag zzz" but this sends all of the messages with the same
priority.

I would like a tool that can filter the input using regular expressions
and then syslog the message to a specified facility.level and tag.

Syslog-ng has all of the code for reading from a variety of sources.
Syslog-ng has all of the code to filter based on regular expressions
All that needs to be added is applying the facility.level, tag and
syslogging the message.

I would like the developers of syslog-ng to consider writing a logger-ng
to go along with it. A sample configuration file is included below just so
that I get all of my thoughts into this one e-mail. If no configuration
file was specified, then it could oporate just like logger, or it could
simply be a new tool rather than a replacement.

Thanks for a great syslog deamon.

Evan Rempel

------------------ example configuration file -------------------------------
source my_app { unix-stream("/tmp/logpipe" tag(my_apps_name)); };
source second_app { file("/var/log/http_access" tag(second_app_name)); };

filter find_errors(match(*error*); }

destination user.info { facility(user); level(info); };
destination user.error { facility(user); level(error); };
destination local4.info { facility(local4); level(info); };
destination local4.error { facility(local4); level(error); };
# perhaps the destinations are predefined as I think they will always be
# the syslog priorities.

log { source(my_app); filter(find_errors); destination(user.error); };
log { source(my_app); destination(user.info); flags(fallback);

log { source(second_app); filter(find_errors); destination(local4.error); };
log { source(second_app); destination(local4.info); flags(fallback);

# the fallback option would only have the scope for the given source. Each
# source would require its own fallback flag.


------------------ end example configuration file ---------------------------



More information about the syslog-ng mailing list