[syslog-ng] syslog-ng 3.4 confgen how to?
Balazs Scheidler
bazsi77 at gmail.com
Tue Apr 23 20:57:22 CEST 2013
and there's the $LOGHOST macro which expands to the local hostname
bazsi at bzorp:~/zwa/work/syslog-ng-ose-3.4/syslog-ng-ose/lib$ git show
50d3289f
commit 50d3289f418f407f592d2b025e989a46840a3f76
Author: Balazs Scheidler <bazsi at balabit.hu>
Date: Thu May 5 21:03:47 2011 +0200
templates: added $LOGHOST macro
This patch adds a new macro "$LOGHOST" which expands to the name of
the local hostname, as returned by the hostname command.
Signed-off-by: Andreas Piesk <a.piesk at gmx.net>
Signed-off-by: Balazs Scheidler <bazsi at balabit.hu>
diff --git a/lib/templates.c b/lib/templates.c
index 897365c..a3b85cf 100644
--- a/lib/templates.c
+++ b/lib/templates.c
@@ -59,6 +59,8 @@ enum
M_SEQNUM,
M_CONTEXT_ID,
+ M_LOGHOST,
+
M_DATE,
M_FULLDATE,
M_ISODATE,
@@ -181,6 +183,9 @@ LogMacroDef macros[] =
{ "MSG", M_MESSAGE },
{ "MESSAGE", M_MESSAGE },
{ "HOST", M_HOST },
+
+ /* message independent macros */
+ { "LOGHOST", M_LOGHOST },
{ NULL, 0 }
};
@@ -414,6 +419,14 @@ log_macro_expand(GString *result, gint id, gboolean
escape, LogTemplateOptions *
}
break;
}
+ case M_LOGHOST:
+ {
+ gsize hname_len;
+ const gchar *hname = get_local_hostname(&hname_len);
+
+ result_append(result, hname, hname_len, escape);
+ break;
+ }
default:
{
/* year, month, day */
On Wed, Apr 17, 2013 at 12:52 PM, Gergely Nagy <algernon at balabit.hu> wrote:
> Evan Rempel <erempel at uvic.ca> writes:
>
> > First thing is that the confgen module is not in the documentation :-(
>
> It's not easy to document it :)
>
> > Second thing is that I am having problems using the confgen module
> >
> >
> > @module confgen context(source) name(myself) exec("/bin/hostname")
> > source primary { tcp( localip( myself() ) port(514) ); };
> > log { source(primary); destination(d_my_dest); };
> >
> >
> > works like a charm and listens on the IP address of my hosts primary
> interface.
> >
> > But this will not work.
> >
> > @module confgen context(source) name(myself) exec("/bin/hostname")
> > source self { tcp(localip(localhost) port(1514) );
> > };
> > rewrite r_self {
> > set( "myself()", value("HOST") );
> > };
> > log {
> > source(self); rewrite(r_self);
> > };
>
> In the second case, you will have to change the context(source) to
> context(rewrite), and unquote myself().
>
> You can test the expansion with:
> syslog-ng -s --preprocess-into=/dev/stdout -f /path/to/syslog-ng.conf
>
> With the context changed and myself() unquoted, the above expands to:
>
> ,----
> | @module confgen context(rewrite) name(myself) exec("/bin/hostname")
> | source self { tcp(localip(localhost) port(1514) );
> | };
> | rewrite r_self {
> | set( hadhodrond
> | , value("HOST") );
> | }};
> | log {
> | source(self); rewrite(r_self);
> | };
> `----
>
> That should work, I think, but I haven't tested it.
>
> The basic idea behind confgen, though, is that it generates
> syslog-ng.conf snippets, which are then inserted into the buffer as if
> it was there like that to begin with, so the parser will go through it
> too.
>
> > What I am trying to do is accept TCP connections from applications on
> the host, and change the SOURCEHOST to
> > be the actual host name rather than the text "localhost".
>
> I'd probably do it in a very different way: using template(), because
> that's more efficient than rewrite.
>
> --
> |8]
>
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
--
Bazsi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20130423/bab2bc21/attachment.htm
More information about the syslog-ng
mailing list