[syslog-ng] Noob Question

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Sat Dec 15 10:23:23 CET 2007


On Thu, 13 Dec 2007 13:49:52 PST, Chuck said:
> I used this product a long time ago and it looks like its come a long
> way. I had one question - I want to deploy syslog-ng on my syslog box
> and then have all my other servers send standarad syslog message to it
> remotely (my enviornment in a mix of rhel 4, rhel 5, solaris 10, and
> sles 9) Can syslog-ng  parse the standard syslog messages and route
> them to individual files per server w/o adding syslog-ng itself to the
> client systems?

Here's what I use:

destination d_mesg { file("/logs/$HOST/$YEAR/$MONTH/messages-$YEAR-$MONTH$DAY"); };

$HOST gives me a directory per source, and the others give me automagic log
rotation without needing a cron job.

I'm currently catching from a large number of sources - Solaris 8 through 10,
AIX, NetApp's OnTap, Linux (several distros), and even a few HP printers. It
doesn't even need to be "standard" syslogd - all it needs for $HOST to
work is the source IP address (and maybe a PTR entry in the DNS if you want
it to log to readable hostnames rather than IP addresses).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/syslog-ng/attachments/20071215/4b896fed/attachment.pgp 


More information about the syslog-ng mailing list