Hi folks,
Fedora 8 will most likely be including rsyslog as the default syslog
daemon. As such I've been experimenting with it to see how well it works
to replace some of my former uses of syslog-ng. I like how small rsyslog
is and it looks pretty straightforward.
I have a couple of usage issues and some other random questions:
1. Can rsyslog automatically create subdirs for specific log outputs?
For example:
$template myvarname, "/var/log/hosts/%HOSTNAME%/messages"
right now I have to manually make /var/log/hosts/%HOSTNAME%/ as a dir
before any logs will be outputted? Can there be an option to do that
automatically?
2. related to 1 is there a way to set specific file ownerships not just
modes on the logs? I'd like to set the logs to be owned by
root:log_readers and to be 640, along with all directories that it
autocreates. That way no one else can look at the logs and I don't have
to do anything hurky like 'sg' before running rsyslog.
3. I understand the desire to remain config file format compatible with
sysklogd, however it seems like with any more logic being added into the
config you'll end up with progressively more difficult config files. *.*
@@hostname:port is pretty baroque looking as-is. Would it be reasonable
to have a newer config file format/language and do:
PSEUDOCODE
if [ -f /etc/$new-style-format.conf ]; then
conffile=/etc/$new-style-format.conf
else:
conffile=/etc/syslog.conf
fi
?
That way you retain backward compat to the old config file format from
sysklogd and you provide a migration path to a nicer file formats for
the future?
Thanks!
-sv
Fedora 8 will most likely be including rsyslog as the default syslog
daemon. As such I've been experimenting with it to see how well it works
to replace some of my former uses of syslog-ng. I like how small rsyslog
is and it looks pretty straightforward.
I have a couple of usage issues and some other random questions:
1. Can rsyslog automatically create subdirs for specific log outputs?
For example:
$template myvarname, "/var/log/hosts/%HOSTNAME%/messages"
right now I have to manually make /var/log/hosts/%HOSTNAME%/ as a dir
before any logs will be outputted? Can there be an option to do that
automatically?
2. related to 1 is there a way to set specific file ownerships not just
modes on the logs? I'd like to set the logs to be owned by
root:log_readers and to be 640, along with all directories that it
autocreates. That way no one else can look at the logs and I don't have
to do anything hurky like 'sg' before running rsyslog.
3. I understand the desire to remain config file format compatible with
sysklogd, however it seems like with any more logic being added into the
config you'll end up with progressively more difficult config files. *.*
@@hostname:port is pretty baroque looking as-is. Would it be reasonable
to have a newer config file format/language and do:
PSEUDOCODE
if [ -f /etc/$new-style-format.conf ]; then
conffile=/etc/$new-style-format.conf
else:
conffile=/etc/syslog.conf
fi
?
That way you retain backward compat to the old config file format from
sysklogd and you provide a migration path to a nicer file formats for
the future?
Thanks!
-sv