Can stock syslog do hostA -> fileA?
Jeffrey Goldberg
jeffrey at goldmark.org
Thu Feb 26 07:27:59 PST 2009
On Feb 26, 2009, at 8:19 AM, Paul Halliday wrote:
> I am collecting syslogs from a PIX and a couple of Barracudas. It
> would be a lot easier for each to have their own logfile. I have been
> poking around a bit; I saw this one:
>
> +host1 /var/log/host1
>
> but it doesn't appear to work.
Years ago I tried and failed at the same. Since then, I've moved to
syslog-ng which I've been extremely happy with.
Here is the bit in my syslog-ng.conf file for logging things from
remote hosts
# for stuff from remote hosts:
destination hosts {
file("/var/log/HOSTS/$HOST/$YEAR/$MONTH/$DAY/$FACILITY-$YEAR$MONTH
$DAY"
owner(daemon) group(wheel) dir_owner(daemon) dir_group(wheel)
perm(0640) dir_perm(0750) create_dirs(yes));
};
log {
source(s_udp);
destination(hosts);
};
Cheers,
-j
--
Jeffrey Goldberg http://www.goldmark.org/jeff/
More information about the freebsd-questions
mailing list