[syslog-ng] Source udp driver and flags
Lars Kellogg-Stedman
lars at oddbit.com
Wed Nov 10 15:17:16 CET 2010
> Someone would have an idea for that "problem" ?
Perhaps there's a better way, but...
You could give your log server multiple ip addresses, and then bind
your sources explicitly:
source s_1 {
udp( ip(192.168.1.20) flags(no_parse) );
}
source s_2 {
udp( ip(192.168.1.21) );
};
Then configure a different syslog server address into each device
depending on whether you want to run the logs through the parser or
not.
More information about the syslog-ng
mailing list