[syslog-ng] Cisco boxes and syslog-ng
sawall
sawall at gmail.com
Wed Sep 7 15:31:25 CEST 2005
set up your source:
source src { unix-stream("/dev/log"); internal();
udp(ip(0.0.0.0<http://0.0.0.0>)
port (514)); };
set up a simple filter:
filter f_syslog { not facility(auth, authpriv) and not facility(mail) ; };
and set up the destination file be a new file for each new host:
destination syslog { file("/var/log/HOSTS/$HOST"); };
and don't forget the log statement:
log { source(src); filter(f_syslog); destination(syslog); };
chris
On 9/7/05, Joost greene <joost.greene at gmail.com> wrote:
>
> Hello,
>
> I have different sets of devices, dslams, nas, core routers, customer
> routers,...
>
> i want to syslog them all, i want to make each device log to a file
> separately to ease it up for NOC, someone suggested syslog-ng, frankly, i
> got quickly lost in its docs, the syntax isnt clear, how can i just easily
> specify to let it log per source into different files ?
>
> Regards,
> Joost
>
> _______________________________________________
> syslog-ng maillist - syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20050907/b2df29ec/attachment.htm
More information about the syslog-ng
mailing list