[syslog-ng] grouping of sources
Joe Shaw
joe at joeshaw.org
Sun Feb 15 20:40:02 CET 2009
Hi,
On Sun, Feb 15, 2009 at 4:31 AM, Balazs Scheidler <bazsi at balabit.hu> wrote:
> I'll see what I can do about this. What about the following idea:
> * make it possible to mark sources with tags
> * create a filter that matches tags
>
> Then you could do something like:
>
> source s_udp { udp(); tags(net); };
> source s_tcp { tcp(); tags(net); };
>
> filter f_net_messages { tags(net); };
>
> log { flags(catch-all); filter(f_net_messages); destination(...); };
>
> I'd have to work on the syntax a bit more, but I hope the general idea
> is visible.
Ah, interesting. Yes, I think this would work just fine.
Joe
More information about the syslog-ng
mailing list