SrikantRajeev
asked on
Syslog Server Configuration
I am running Syslog in one of Linux Servers.
All my network devices dump the logs into this server.
I want to make in such a way that log from a particular device to be sent into a particular folder. Currently all logs are dumped into a single folder.
But I want logs from a particular device to be dumped into a separate folder.
All my network devices dump the logs into this server.
I want to make in such a way that log from a particular device to be sent into a particular folder. Currently all logs are dumped into a single folder.
But I want logs from a particular device to be dumped into a separate folder.
are all devices using the same facility?
local0-7 or are you looking to make the change without alterations to the device configuration? (ref syslog-ng from Larsrohr http:#a37586313)
local0-7 or are you looking to make the change without alterations to the device configuration? (ref syslog-ng from Larsrohr http:#a37586313)
Try syslog-ng first. (like mentioned before, http:#a37586313).
If needed you can also use syslog-ng to dump data though pipes to applications for handling certain messages or put stuff into a database. Or even filter the data before further processing.
If needed you can also use syslog-ng to dump data though pipes to applications for handling certain messages or put stuff into a database. Or even filter the data before further processing.
ASKER
is it possible to make such a way that log from a particular device to be sent to a particular folder in the syslog server
Sure, syslog-ng can do that.
I'm not a current user of syslog-ng, so I may not be able to help much with the details of syslog-ng configuration. But you can take a look at the syslog-ng Administrator Guide.
In particular, section 3.4.1. "Storing messages in plain-text files" describes saving logs to files, which looks easily modifiable to use separate directories for separate hosts, e.g.:
I'm not a current user of syslog-ng, so I may not be able to help much with the details of syslog-ng configuration. But you can take a look at the syslog-ng Administrator Guide.
In particular, section 3.4.1. "Storing messages in plain-text files" describes saving logs to files, which looks easily modifiable to use separate directories for separate hosts, e.g.:
destination d_file {
file("/var/log/$HOST/messages"
template("$HOUR:$MIN:$SEC $TZ $HOST [$LEVEL] $MSG $MSG\n")
template_escape(no));
};ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks
It can be configured to help sort your logs in that way.