[syslog-ng] filtering per device
Balazs Scheidler
bazsi at balabit.hu
Sat Apr 30 23:09:12 CEST 2011
On Wed, 2011-04-20 at 07:40 +0200, Gergely Nagy wrote:
> vijay <bhaskarpeddi at gmail.com> writes:
>
> > Hi All,
> >
> > I have 4 cisco devices having ip addresses for example
> >
> > 10.1.1.1
> > 10.1.1.2
> > 10.1.1.3
> > 10.1.1.4
> >
> > already i have filtering option such that only above informational
> > level(level 6) will be captured.I have new requirement that to capture
> > informational logs also of 10.1.1.4 not other devices.How to do that.
>
> Use the host() filter.
>
> filter f_host4 { level(info); host("10.1.1.4"); };
>
> Or somehting like that.
>
... or the $HOST macro in your destination file names.
--
Bazsi
More information about the syslog-ng
mailing list