Hi,
I'm running 2.0.0-11 (version included with redhat 5.2)
I want to filter all the messages from external syslog devices to one file
and all messages from the localhost to another file.
However even with the -x option turned on when a local service (such as
crond) sends a message to the log the hostname is set to the domain name of
the server.
So I can't use the following to match:
:HOSTNAME, isequal, "localhost" /var/log/messages
:HOSTNAME, !isequal, "localhost" /var/log/externalsyslog
I could replace "localhost" with "dnsname" to get it to work, but I would
like a generic method that will work on all the syslog servers I have.
Is there some switch that will cause rsyslog to report the local services as
sending from localhost or 127.0.0.1 rather than the hostname of the
localhost.
thanks,
niall
I'm running 2.0.0-11 (version included with redhat 5.2)
I want to filter all the messages from external syslog devices to one file
and all messages from the localhost to another file.
However even with the -x option turned on when a local service (such as
crond) sends a message to the log the hostname is set to the domain name of
the server.
So I can't use the following to match:
:HOSTNAME, isequal, "localhost" /var/log/messages
:HOSTNAME, !isequal, "localhost" /var/log/externalsyslog
I could replace "localhost" with "dnsname" to get it to work, but I would
like a generic method that will work on all the syslog servers I have.
Is there some switch that will cause rsyslog to report the local services as
sending from localhost or 127.0.0.1 rather than the hostname of the
localhost.
thanks,
niall