[syslog-ng] tags not working
Sandbox
sandboxheh at gmail.com
Mon Jun 19 11:55:51 UTC 2017
Hi,
I would like to transfer/store apache logs, but for some reason i cant tag
them:
I tried:
source s_access {
pipe("/var/log/apache2/pipe_access.log"
tags("testtag"));.
};
or
source s_access {
pipe("/var/log/apache2/pipe_access.log"
program-override("testtag"));.
};
Because it doesn't work with 'tags' i used the apache to format the
message, i put the choosen word to the log format so it stores the correct
place the log on the client and also on the server.
Part of the log:
- [19/Jun/2017:13:46:29 +0200] acc001 127.0.0.1 - - "GET
/server-status?auto HTTP/1.1" 200 1781
If it possible i want to use 'tags' instead of manipulating apache
logformats.
I tried to read the pipes directly, but the above settings doesnt show,
just the above log.
I tried to tcpdump the traffic from client -> server (client side) but
doesn't show any of the settings. It looks like for me, syslog-ng wont tag
my logs.
And i tried to read the stored log with file() and tag it, that doesn't
work neither.
What i am missing?
Thanks, Robert
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20170619/9bd6e5b8/attachment.html>
More information about the syslog-ng
mailing list