Remote Syslog (SOLVED)
tholmes at mcaschool.net
Thu May 26 12:02:14 UTC 2005
> On Wed, 2005-05-25 at 14:03 -0400, Tim Holmes wrote:
> > #send messages from Lancelot to Lancelot.log
> > 192.168.0.225.* /var/log/lancelot.log
> Plain old syslog doesn't support this. The LHS has to be
> <log_facility>.<log_level>. Syslog-ng is far more flexible in this
> respect, you may want to check it out.
> If you want/need to stick to syslog, the traditional approach is
> configuring your log sources to use different facilities that aren't
> used anywhere else, and sort them into different log files using
> syslog.conf. This clearly doesn't scale very well, since you usually
> only have the facilities local0 to local7 at your disposal. But with
> just two log sources, as in your example, it would work well.
> Another approach is having syslog write it all into one big file, and
> running one or more "tail --follow=name" style listeners on that file,
> that grep on content (e.g. the 4th word) and write specific log files.
[Tim Holmes wrote]
Thanks to all who responded. We have decided to take a different
tactic, and we will be logging all of our syslog messages to a dedicated
MYSQL database, which I will then be able to query using webpage tools.
That will be the ideal solution
Thanks again for all your help
More information about the users