[syslog-ng] Get host IP inside source { file ( ); } driver

[Gergely Nagy]

>>>>> "Fabien" == Fabien Wernli <wernli at in2p3.fr> writes:

    Fabien> Hi,
    Fabien> On Thu, Feb 26, 2015 at 12:02:36PM +0530, Thanuje Ashwin Nallaperuma wrote:
    >> I want to read a file which is in the name of the IP of syslog-ng client
    >> machine
    >> I tried with $HOST macro
    >> 
    >> source { file (/mnt/$HOST); };
    >> 
    >> But this does not work
    >> Any help on doing this ?

    Fabien> I guess the file() source doesn't expand templates, so it actually tries to
    Fabien> open a file called "/mnt/$HOST" (literally).
    Fabien> If you're using  relatively recent version of syslog-ng (starting 3.2 I
    Fabien> *think*) you should be able to achieve this however using environmental
    Fabien> variables (see chapter 5.6 from the v3.6 guide):

    Fabien> | source { file (/mnt/`HOSTNAME`); };

There are other solutions, too, with different drawbacks:

The config management way
=========================

If you're using Chef, Puppet or the like, you can drop a file in
/etc/syslog-ng/conf.d/, say, host.conf with the following content:

@define my-ip "1.2.3.4"

(Obviously, the value would be the actual IP address).

Then, in syslog-ng.conf, you can @include
"/etc/syslog-ng/conf.d/host.conf", and use `my-ip` where you'd use
$HOST.

The advantage of this, over environment variables is that you don't need
an environment variable, and all configuration is contained within
/etc/syslog-ng, using syslog-ng.conf syntax. It's all in one place.

The confgen way
===============

@module confgen context(source) name(host-file) exec("/usr/local/bin/syslog-ng-host-ip")

source s_hostfile { host-file(); };

And in /usr/local/bin/syslog-ng-host-ip:

#! /bin/sh
cat <<EOF
file("/mnt/$(hostname -i)/file.log");
EOF

The advantage of this is that you do not need to generate a file, and
can use the same generator on all hosts. The downside is that it's a bit
ugly. Yet, configuration is still entirely in one place.

-- 
|8]