[syslog-ng] get destination(s) based on log facility and severity
Dejan Muhamedagic
dejan at suse.de
Wed Jun 8 09:26:33 CEST 2011
Hi Scott,
On Wed, Jun 08, 2011 at 11:29:33AM +1100, Scott Rochford wrote:
> > This is for a reporting tool for clusters. It collects all the
> > relevant information from all cluster members and that includes
> > excerpts from log files. People use all kinds of syslog setups so
> > the tool needs to figure out which log file is relevant.
>
> It sounds to me like you are trying to work around a poorly configured
> environment. You would do much better in the long run to harmonise the
> logging configuration of your servers so that they are identical, or at
> least very similar.
Well, I wish that would be possible. If you figure out how to
make humanity more uniform, let me know ;-) Seriously though,
it's amazing the number of different (and most interesting)
setups one can see.
> Have you considered simply using a central logging server and adding
> something to the configuration on each of the clients to send the logs
> which you are interested in to that central server? That would be the
> typical way of achieving what you describe.
For me it would also be the first option to use a log host, but
for whatever reason almost nobody's doing that. At least judging
by the traffic on our ML. Of course, in that case too people use
varying facilities and destinations.
Cheers,
Dejan
> Regards,
>
> Scott
>
>
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
More information about the syslog-ng
mailing list