[syslog-ng] Auto routing to specific relay based on hostname
Gergely Nagy
algernon at balabit.hu
Wed Aug 22 11:25:12 CEST 2012
sagar naravane <sagar.naravane at gmail.com> writes:
> I am a newbie to syslog-ng solution. I am trying to create a common config
> file to be distributed across client machines in San Jose, Dallas and
> Dublin colos. Every colo has 1 dedicated relay which forwards log data to a
> central server
>
> (SJ|DU|DA)_ client --> (SJ|DU|DA)_ relay --> SYSLOG-NG server
>
> the clients located in these colos have sj,du & da in their hostnames eg
> da1xxx058, du1xxx059, sj1xxx060. I want to setup the config in a way that
> based on hostname the config decides what relay to connect to.
>
> Is this possible ?
Yep, it is.
One way to do it is to use filters: you set up a filter that matches
each colo, and set up your destinations so that each message that
matches a given colo filter, goes to the appropriate relay.
Something along these lines:
filter f_colo_sj { host("^sj"); };
filter f_colo_du { host("^du"); };
filter f_colo_da { host("^da"); };
destination d_relay_sj { ... };
...
log {
source(s_local);
filter(f_colo_sj);
destination(d_relay_sh);
flags(final);
};
log {
source(s_local);
filter(f_colo_du);
destination(d_relay_du);
flags(final);
};
...and so on and so forth. The disadvantage here is that you need a
filter and a destination for each relay, but with only 3 relays, that's
bearable.
--
|8]
More information about the syslog-ng
mailing list