I have the following set up to generate Dynamic remote log files.
$template DYNmessages, "/var/log/remote/%HOSTNAME%/messages"
*.info,mail.none,authpriv.none,cron.none ?DYNmessages
Unfortunately some devices log poorly without the hostname for some
syslog messages. This means I'm ending up with lots of useless
directories in /var/log/remote.
If I log everything from a server to a file then it works fine:
if $fromhost == 'server' then /var/log/remote/server/all
As you can see the difference in file sizes as syslog messages are lost:
# ls -l /var/log/remote/server/
total 1724
-rw------- 1 root root 980053 Mar 17 08:57 all
-rw------- 1 root root 773533 Mar 17 08:57 messages
I guess, I'm looking for config suggestions on setting up more robust
dynamic logging for remote hosts.
- Julian
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com
$template DYNmessages, "/var/log/remote/%HOSTNAME%/messages"
*.info,mail.none,authpriv.none,cron.none ?DYNmessages
Unfortunately some devices log poorly without the hostname for some
syslog messages. This means I'm ending up with lots of useless
directories in /var/log/remote.
If I log everything from a server to a file then it works fine:
if $fromhost == 'server' then /var/log/remote/server/all
As you can see the difference in file sizes as syslog messages are lost:
# ls -l /var/log/remote/server/
total 1724
-rw------- 1 root root 980053 Mar 17 08:57 all
-rw------- 1 root root 773533 Mar 17 08:57 messages
I guess, I'm looking for config suggestions on setting up more robust
dynamic logging for remote hosts.
- Julian
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com