[syslog-ng] get destination(s) based on log facility and severity

Dejan Muhamedagic dejan at suse.de
Tue Jun 7 18:30:45 CEST 2011


On Tue, Jun 07, 2011 at 06:10:24PM +0200, Gergely Nagy wrote:
> Dejan Muhamedagic <dejan at suse.de> writes:
> 
> > No. The task is to get the destination (log file) for the given
> > facility. Right now I have brute force discovery like:
> >
> > # logger -p facility.info unique_message
> > # grep -l unique_message /var/log/*
> >
> > I'd like to be able to query syslog-ng and get a list of
> > destinations.
> 
> I do not think that's possible to do, save parsing the config file.

But at some point syslog-ng has to decide where to write the
message, right? We'd only need some kind of interface to get that
information. I don't know if it's possible to query syslog-ng, I
guess that there's no infrustructure for that right now. Would
you consider such an extension? Alternatively, one could build a
new binary for just this purpose which would obviously include
configuration parsing. Don't know which approach of the two is
less painful.

> It may be possible to add some debugging stuff to syslog-ng, that would
> echo the information you need, but it's not currently present.
> 
> I also fail to see why this would be useful, but that might just be my
> lack of imagination O:)

This is for a reporting tool for clusters. It collects all the
relevant information from all cluster members and that includes
excerpts from log files. People use all kinds of syslog setups so
the tool needs to figure out which log file is relevant.

Cheers,

Dejan

> -- 
> |8]
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
> 


More information about the syslog-ng mailing list