[syslog-ng] Save ALL logs
Gergely Nagy
algernon at balabit.hu
Tue Jul 5 10:53:12 CEST 2011
Josu Lazkano <josu.lazkano at barcelonamedia.org> writes:
> Hello again, I just installed my new log server and I am configuring to save ALL logs on the log server.
[...]
> destination rdf_all {
> file("/var/log/extern/${HOST}/${YEAR}/${MONTH}/");
> };
You need to specify a file too, not just a directory:
destination rdf_all {
file ("/var/log/extern/${HOST}/${YEAR}/${MONTH}/messages.log");
};
This will put everything that comes in, into the appropriate directory,
into a file called messages.log.
If you want to split the files based on priority, facility or whatever
else, that's best done on the server side. For that, you might want to
look at filters, and possibly multiple destinations. Though, it's not
neccessariy. You could - as an example - use a destination like the
following:
destination d_split {
file ("/var/log/extern/${HOST}/${YEAR}/${MONTH}/${FACILITY}.${PRIORITY}.log");
};
The possibilities are endless!
--
|8]
More information about the syslog-ng
mailing list