[syslog-ng] Dynamically Generated Directory Names
Gergely Nagy
algernon at balabit.hu
Fri Jun 10 11:42:11 CEST 2011
Mike <asurfer at iinet.net.au> writes:
> Hello.
>
> I was wondering if when given this file structure on a source server:
>
> /var/log/sudo-io/xx/yy/zz/
>
> where xx, yy and zz are dynamically strings that run from 00 to FF
> inclusive e.g.
>
> /var/log/sudo-io/00/00/00/
>
> /var/log/sudo-io/07/FE/90/
>
> /var/log/sudo-io/0A/BF/D4/
>
> /var/log/sudo-io/FF/FF/FF/
>
> and the files that are located under each instance of
> /var/log/sudo-io/xx/yy/zz/ are:
>
> log
> stderr
> stdin
> stdout
> timing
> ttyin
> ttyout
>
> Is syslog-ng PE capable of recreating that exact same directory
> structure (including the original filenames) on the target (remote) host
> or should I perhaps just opt for rdiff or rsync instead?
Well, if I understood you correctly, then yes, it is possible. But it's
not going to be pretty.
The easiest would be to add the path to the SDATA around the source
side, so /var/log/sudo-io/xx/yy/zz/file would have an "SDATA
filename=xx/yy/zz/file" and then on the destination side, you could do
something like this:
destination d_blah {
file("/var/log/sudo-io/${.SDATA.filename}");
};
But it's probably a lot easier to rdiff or rsync, unless I missed
something.
--
|8]
More information about the syslog-ng
mailing list