[syslog-ng] I need to add more facilities
Kevin
kkadow at gmail.com
Fri Oct 21 08:03:25 CEST 2005
On 10/20/05, Yan M. <yannnick_m at yahoo.com> wrote:
> searching through the documentation, FAQ, README
> and INSTALL I didnt find anywhere mentionned that I can
> create new facilities.
>
> I read that syslog-ng has the same facilities than syslog in Solaris.
Technically, syslog-ng has the same facilities as all
standards-compliant syslog daemons, because the facility range is
defined in RFC 3164
There are only 24 legal values for the facility, and eight legal
values for severity.
> What I want to do is to have more facilities, with significative names
> like httpd0, httpd1, httpd2, httpd3.....and so on to httpd50.
>
> This is to split message received from my apache VirtualHosts AccessLog and
> ErrorLog
How would you cause Apache to generate "syslog" messages with
non-standards-conformant facility values, corresponding to your
virtual hosts?
> I dont want to filter using regexp, only with facility
One ugly hack to accomplish what you ask would be to use the standard
facilities and severities to indicate which virtual host sourced the
traffic. So "kern.debug" would be httpd0, kern.info would be httpd1,
and local7.emergency would be httpd191
It might be easier to just use regex.
Kevin Kadow
More information about the syslog-ng
mailing list