[syslog-ng] get destination(s) based on log facility and severity

[Gergely Nagy]

Dejan Muhamedagic <dejan at suse.de> writes:

>> We have a kind of machinery which collects syslog logs from
>> several hosts. Currently it works by sending a message using
>> logger(1) to the given facility.severity and then looking up the
>> message in log files in /var/log and a few other directories
>> (using grep).
>> 
>> I'm looking for a more robust and faster way to discover the
>> destination. Would that be possible with syslog-ng? And which is
>> the optimal way to achieve that? An extra syslog-ng option? An
>> extra binary? Or perhaps using logger(1)?

I don't quite get the question, I'm afraid.

So, lets clarify what you have, and what you want to accomplish:

If I understood you correctly, you have a set of hosts sending logs to
wherever, and every hosts' messages end up in the same file (depending
on facility.severity), and you want to split them by host?

-- 
|8]