[syslog-ng] Rediecting logs
abhay singh
abhay.asingh at gmail.com
Tue Apr 20 12:15:18 CEST 2010
I have made that changes and restarted syslog services even though its not
working///
Now its like this
options {
long_hostnames(off);
sync(0);
perm(0640);
stats(3600);
keep_hostname(yes);
};
source s_external {
udp(port(514));
#udp(ip("192.168.114.129") port(514));
#udp(ip("0.0.0.0") port(514));
}; # Specific
source s_stunnel {
tcp(ip("127.0.0.1")
port(514)
max-connections(1));
};
destination d_external { file("/data/extract/syslogs/$HOST_syslog.log" \
owner(cubot) group(users) perm(0600) dir_perm(0700) create_dirs(yes)
template("$DATE $FULLHOST $PROGRAM $TAG [$FACILITY.$LEVEL] $MESSAGE \n")
);
};
destination d_stunnel{ file("/data/extract/syslogs/$HOST/$HOST_syslog.log" \
owner(cubot) group(users) perm(0600) dir_perm(0700) create_dirs(yes)
template("$DATE $FULLHOST $PROGRAM $TAG [$FACILITY.$LEVEL] $MESSAGE \n")
);
};
log { source(s_external); destination(d_external); };
log { source(s_stunnel); destination(d_stunnel); };
On Tue, Apr 20, 2010 at 1:55 PM, Alan McKinnon <Alan.McKinnon at is.co.za>wrote:
> On Tuesday 20 April 2010 08:38:51 abhay singh wrote:
> > Hi All,
> >
> > I have made changes in syslog-ng.conf to redirect logs coming from other
> > server to some specified log file and in some format
> >
> > source s_external {
> > udp(port(514));
> > };
> > source s_stunnel {
> > tcp(ip(127.0.0.1) port(514));
> > };
> >
> > destination s_external { file("/mydir/syslogs/$HOST_syslog.log" \
> > owner(user) group(group) perm(0600) dir_perm(0700) create_dirs(yes));
> > };
> >
> > destination s_stunnel { file("/mydir/syslogs/$HOST/syslog.log" \
> > owner(user) group(group) perm(0600) dir_perm(0700) create_dirs(yes));
> > };
> >
> > log { source(s_external); destination(s_external); };
> > log { source(s_stunnel); destination(s_stunnel); };
> >
> > But my log file is being created with name "syslog.log" and not as
> > "<hostnmae/ip>_syslog.log" neither $HOST directory made, what may be the
> > issue?
> >
> > Globle options are
> >
> > option{
> >
> > long_hostname(off);
> > sync(0);
> > }
>
>
> Your sources and destinations have the same name. That is not allowed.
>
> Rename the destinations to d_<something>
>
> --
> Alan McKinnon
> Systems Engineer^W Technician
> Infrastructure Services
> Internet Solutions
>
> +27 11 575 7585
>
> Please note: This email and its content are subject to the disclaimer as
> displayed at the following link
> http://www.is.co.za/legal/E-mail+Confidentiality+Notice+and+Disclaimer.htm.
> Should you not have Web access, send a mail to disclaimers at is.co.za and a
> copy will be emailed to you.
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.campin.net/syslog-ng/faq.html
>
>
--
Regards..
Abhay Singh..
91-98804-55587
Sr. Software Engineer.
Robust Designs India Pvt Ltd.
Bangalore
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20100420/3d7e7a17/attachment.htm
More information about the syslog-ng
mailing list