[syslog-ng] get destination(s) based on log facility and severity

Dejan Muhamedagic dejan at suse.de
Tue Jun 7 18:01:28 CEST 2011


On Tue, Jun 07, 2011 at 05:38:07PM +0200, Gergely Nagy wrote:
> Dejan Muhamedagic <dejan at suse.de> writes:
> 
> >> We have a kind of machinery which collects syslog logs from
> >> several hosts. Currently it works by sending a message using
> >> logger(1) to the given facility.severity and then looking up the
> >> message in log files in /var/log and a few other directories
> >> (using grep).
> >> 
> >> I'm looking for a more robust and faster way to discover the
> >> destination. Would that be possible with syslog-ng? And which is
> >> the optimal way to achieve that? An extra syslog-ng option? An
> >> extra binary? Or perhaps using logger(1)?
> 
> I don't quite get the question, I'm afraid.
> 
> So, let's clarify what you have, and what you want to accomplish:
> 
> If I understood you correctly, you have a set of hosts sending logs to
> wherever, and every host's messages end up in the same file (depending
> on facility.severity), and you want to split them by host?

No. The task is to get the destination (log file) for the given
facility. Right now I have brute force discovery like:

# logger -p facility.info unique_message
# grep -l unique_message /var/log/*

I'd like to be able to query syslog-ng and get a list of
destinations.

Cheers,

Dejan


