?
Solved

syslog customization

Posted on 2010-11-30
7
Medium Priority
?
394 Views
Last Modified: 2012-08-13
I am trying to customize syslog server and would like to know if its possible to dedicated logfile per device. lets say facility local7is reserved for network devices how can i split this up to per device ? without switching to another facility (sticking with local7 for all devices.)
0
Comment
Question by:shadow2007
  • 4
  • 3
7 Comments
 
LVL 35

Expert Comment

by:Duncan Roe
ID: 34242944
local7 is local7. You can't split it further, not with standard syslog facilities anyway.
0
 

Author Comment

by:shadow2007
ID: 34248627
what abt with rules ? (using syslogd 1.4.1 with cent os 5)
0
 
LVL 35

Expert Comment

by:Duncan Roe
ID: 34252507
Not with syslogd rules, no. You would have to re-build the entire logging system to introduce more categories
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
LVL 35

Expert Comment

by:Duncan Roe
ID: 34272513
This is an article about how to configure a network syslogd server to store entries from multiple systems. You can store entries from different systems into different directories if you want.
I don't think it helps with your requirements. You can't run multiple syslogd servers on your system pretending to be on different systems - is that what you had in mind?
0
 

Author Comment

by:shadow2007
ID: 34285032
my requirement =  store entries from different systems into different files
can this be done ? if so how ?
0
 
LVL 35

Accepted Solution

by:
Duncan Roe earned 2000 total points
ID: 34287657
If by store entries from different systems you mean different computer systems, then rsyslog is what you want, as per your penultimate post. But that's not what you asked in the Q, so I'll go back to your original question.
You have all devices logging to local7. You have configured syslog so that there is a dedicated log file for all messages in category local7, any priority. Let's say this file is /var/log/local7
If you look at this log file, can you tell which device each message came from?
I'm going to assume you can.
Can you write a grep command which will filter out all and only the lines of interest for a particular device? I'm going to assume you can do that as well. Btw, if you are generating these messages, you can fix them yourself to make the task easier if need be.
Given the above, bow run the required number of scripts of the form:

tail --follow=name /var/log/local7 | grep your_grep_expression_for_device > device/log

The output file naming is up to you - I gave an example of a separate directory per device.
We do something like this at work for a system that generates masses of log entries when in debug mode - syslog is configured to limit he files to a couple of MB and we run logrotate every minute. The tail argument --follow=name means tail keeps reading the latest file (see man tail) but the output log file itself doesn't rotate well because the script doesn't ever close it.
0

Featured Post

What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This installment of Make It Better gives Media Temple customers the latest news, plugins, and tutorials to make their Grid shared hosting experience that much smoother.
This article explains how to use the rsync command to create backups and sync data across hosts. Rsync is a very useful command that is often used to copy data, make backups, migrate hosts, and bridge the gap between site staging and production envi…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

589 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question