[syslog-ng] filter by date?
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Mon Sep 12 23:11:20 CEST 2005
On Mon, 12 Sep 2005 12:59:04 MDT, scarter at micron.com said:
> filter f_date { match($YEAR-$MONTH-$DAY.*); };
The only way this can do anything "interesting" is if you have machines in
another timezone where it's already tomorrow or still yesterday, or if a
box has a wrong time set ;)
> destination hosts {
> file("/syslog/NT-SYSLOG/HOSTS/$HOST/$MONTH-$DAY-$YEAR"
> owner(root) group(root) perm(0644) dir_perm(0755)
This will auto-roll to a new file as needed, because $DAY will change.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/syslog-ng/attachments/20050912/124c4303/attachment.pgp
More information about the syslog-ng
mailing list