How to separate log files by host name of sending device?
Question:
I have activated remote logging and receiving syslog messages from several devices. I want to write a separate log file for each device sending syslog messages. How to achieve that?
Answer:
It is pretty easy. You can use dynaFiles for it. With them, you specify a template as the file name. For each message, the filename is re-generated and the output written to the respective file. Read the config file doc for details, but it basically is:
$template DynaFile,”/var/log/system-%HOSTNAME%.log”
*.* -?DynaFile
rsyslog 5.5.5 (devel)
rsyslog 5.5.5 (devel)
md5sum: bd432dd7307312330962adaecc0d0e0a
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 5.5.5 File size: 2.10 MB
rsyslog 4.7.2 (v4-devel)
Download file name: rsyslog 4.7.2 (v4-devel)
rsyslog 4.7.2 (devel)
md5sum: 15b5dd2330b1ec4943f32032d388d2a7
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 4.7.2 File size: 2.01 MB
rsyslog 4.7.1 (v4-devel)
Download file name: rsyslog 4.7.1 (v4-devel)
rsyslog 4.7.1 (devel)
md5sum: 3875a3ab0f57b5a5ba4aeaad91432058
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 4.7.1 File size: 2.01 MB
rsyslog 5.5.3 (devel)
Download file name: rsyslog 5.5.3 (devel)
rsyslog 5.5.3 (devel)
md5sum: e6ba3c98c8f6b1b4b490d916b9b75afc
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 5.5.3 File size: 2.10 MB
rsyslog 4.6.2 (v4-stable)
Download file name: rsyslog 4.6.2 (v4-stable)
4.6.2 (v4-stable)
md5sum: eca0d335736fb1554df70615d9e6f482
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 4.6.2 File size: 1.99 MB
rsyslog 5.4.0 (v5-stable)
Download file name: rsyslog 5.4.0 (v5-stable)
5.4.0 (v5-stable)
md5sum: 291882229d50496f42bd63174076dd37
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 5.4.0 File size: 2.03 MB
rsyslog 4.6.1 (v4-stable)
Download file name: rsyslog 4.6.1 (v4-stable)
4.6.1 (v4-stable)
md5sum: 50e8271c5940782961ed99bad8711c20
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 4.6.1 File size: 1.97 MB
Simple forwarding with rsyslog (video tutorial)
| A quick introduction (~5 minutes) into basic UDP/TCP forwarding of messages with rsyslog. This shows how to extend a standard rsyslog.conf (on Debian 5 in this sample, but applies to all other distros, too) to support forwarding of messages. Continue reading “Simple forwarding with rsyslog (video tutorial)” |
Using rsyslog templates (video tutorial)
| In this ~5 minute video Rainer Gerhards describes what templates are, where they can be used and what they can contain. This is a life demo showcasing how things are actually done (carried out using Debian 5). Continue reading “Using rsyslog templates (video tutorial)” |