[syslog-ng] Forcing remote syslog request from 1 IP into 1 log file
freebsd at tango.lu
freebsd at tango.lu
Fri Jul 27 09:55:42 UTC 2018
Hello,
I have a syslog server setup which works quite well for most of the
hosts:
destination d_net_debug {
file("/var/log/$HOST/debug"); };
destination d_net_error {
file("/var/log/$HOST/error"); };
This way I dont have to define every host which logs there but they will
be autocreated.
I have a quite misbehaving Asus router device however which keep sending
strings like:
FTP
WAN(11)
WAN(8)
WAN(3)
as host therefore syslog-ng interpret these messages like it would be
coming from different $HOSTs and keep creating directories for them.
2018-07-22T20:45:59+02:00 WAN Connection: Wan link down.
2018-07-24T16:12:20+02:00 WAN Connection: Wan link down.
2018-07-22T20:45:59+02:00 WAN Connection: Wan link down.
2018-07-24T16:12:20+02:00 WAN Connection: Wan link down.
How do I force all the logs into one logfile for this one specific host?
If possible I don't want to change my current rules just extend them.
Thank you.
More information about the syslog-ng
mailing list