Re: issues with syslogd include redirecting wg0 output to custom location

Reply: fuxjez : "Re: issues with syslogd include redirecting wg0 output to custom location"
In reply to: fuxjez : "issues with syslogd include redirecting wg0 output to custom location"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Miroslav Lachman <000.fbsd_at_quip.cz>
Date: Tue, 17 Sep 2024 12:09:03 UTC

On 17/09/2024 13:06, fuxjez wrote:

[..]

> and have since attempted to redirect the "wg0" logs to 
> /var/ramdisk_log/wireguard.log by using these syslog includes:
> 
> :msg, contains, ".*wg0: .*"
> *.*                                /var/ramdisk_log/wireguard.log
> 
> and
> 
> :msg, regex, "wg[0-9]{1,2}\:\ "
> *.*                                /var/ramdisk_log/wireguard.log
> 
> Unfortunately, the includes are not redirecting the wg0 logs to my 
> preferred location (the includes are placed in 
> /etc/syslog.d/wireguard.conf which is parsed by syslogd) and I'm out of 
> ideas / logs on how to further troubleshoot why the logstream doesn't 
> get redirected :(

I never used property based filters in syslog.conf.
Is it possible for you to use just classic style?
For example I use following to have separate log file for messages from 
pkg (install / upgrade / delete):

!-pkg,pkg-static
*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err 
/var/log/messages

!pkg,pkg-static
*.*                                  /var/log/pkg.log

But I don't know how your wg0 debug entries are identified in the 
messages log.

Kind regards
Miroslav Lachman