[syslog-ng] file("/proc/kmsg" program_override("kernel: "));
Tom
tommedema at gmail.com
Mon May 28 17:37:41 CEST 2012
Dear all,
I just started using syslog-ng to pipe log files to Loggly.com.
I have a couple of questions.
First of all, why is there a `: ` after kernel here?
file("/proc/kmsg" program_override("kernel: "));
I have seen people do it differently, like so:
file("/proc/kmsg" program_override("kernel));
Does this matter? And more general, what does the entire rule do exactly?
The following is my syslog-ng.conf file:
https://gist.github.com/2819768
As you can see, I have a lot of log files. Is this the proper way of
doing this? Doesn't it cost a lot of resources for syslog-ng to check
all these files for changes?
Finally, where can I find the documentation? Eg. I would like to learn
about the specifics of follow_freq and what the parameter actually
implies.
Thanks a lot for your help.
Kind regards,
Tom
More information about the syslog-ng
mailing list