Hello all,
First of all, let me apologize in advance for the somewhat newbie-ish
nature of this question. I'm sure there's an easy way to solve my
problem, but I've been looking for an answer for weeks now without being
able to find one.
Here's the deal;
A friend and I am currently working as interns at a company.We've been
tasked with setting up a central logging service for one of their test
environments. Getting rsyslog to write to the log server is the easy
part. What we're having trouble with is setting it up (both on server
and client side) so that
1) All the log files are written per host. IE, we want rsyslog to write
seperate log files based on the host from which the logs are being sent.
Say we have 10 machines, each called host01 to host 10. We want all the
log information from host01 to be written to /var/log/host01/logfile.log
and so on. We've tried achieving this using templates and the :hostname,
isqueal, "host01" feature, but we just can't get it to work. Most likely
we've not used the correct syntax in the rsyslog.conf file.
2) We want all log information containing a certain string to be written
to separate log files as well. So everything containing 'zyx' should be
written to /var/log/host01/zyx.log and everything containing 'abc'
should be written to /var/log/host01/abc.log and so on.
As I said, I'm certain there are easy ways to achieve this using
rsyslog, but we're too inexperienced at using the app to know how to do
it. Hopefully someone on here can help us out a bit. :)
Thanks in advance,
Erik Tengblad
First of all, let me apologize in advance for the somewhat newbie-ish
nature of this question. I'm sure there's an easy way to solve my
problem, but I've been looking for an answer for weeks now without being
able to find one.
Here's the deal;
A friend and I am currently working as interns at a company.We've been
tasked with setting up a central logging service for one of their test
environments. Getting rsyslog to write to the log server is the easy
part. What we're having trouble with is setting it up (both on server
and client side) so that
1) All the log files are written per host. IE, we want rsyslog to write
seperate log files based on the host from which the logs are being sent.
Say we have 10 machines, each called host01 to host 10. We want all the
log information from host01 to be written to /var/log/host01/logfile.log
and so on. We've tried achieving this using templates and the :hostname,
isqueal, "host01" feature, but we just can't get it to work. Most likely
we've not used the correct syntax in the rsyslog.conf file.
2) We want all log information containing a certain string to be written
to separate log files as well. So everything containing 'zyx' should be
written to /var/log/host01/zyx.log and everything containing 'abc'
should be written to /var/log/host01/abc.log and so on.
As I said, I'm certain there are easy ways to achieve this using
rsyslog, but we're too inexperienced at using the app to know how to do
it. Hopefully someone on here can help us out a bit. :)
Thanks in advance,
Erik Tengblad