[syslog-ng] use syslog-ng to monitor just couple of processes

[Hari Sekhon]

?

You don't use syslog-ng in this way. For what you want to do you should
make your application output the information you want to the standard
syslog and use syslog-ng as your logger. Then use filters to extract the
messages you want the launch an external program to email them off to
you or something. That is what I did. A few lines of code, some regex
filtering with syslog-ng definitions is all it takes.

Now you have all the pointers, you can read the docs on filtering,
program(), etc.
Although it sounds like you don't have a good grasp of the whole logging
thing yet so my advice is to read all the syslog-ng docs and faq. They
are worth the read.

-h

Hari Sekhon



Tiger Peng wrote:
>  
>      I have two questions about how to use the syslog-ng to monitor
> just couple of processes.
>      In my case, I try to use some kind of utility to just monitor 4
> to 8 different processes, some of them are system resource, but some
> of them are new developed processes. Here are my questions.
>  
> 1. can I start a seperate syslog-ng, I mean if I can keep syslogd
> running, but start another syslog-ng process to dedicate the service
> for my special purpose.
>  
> 2. I guess syslog-ng has some kind of filter which can filter the
> information, but how can I expand it ability to receive some specific
> information or more field, such as message ID. Is this configurable,
> or I must modify the source to support it.
>  
>     Thanks.
>  
>  
>  
>      David
>  
> ------------------------------------------------------------------------
>
> _______________________________________________
> syslog-ng maillist  -  syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
>   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20061027/6d6f8ee5/attachment.htm