Remote Syslogging - Ubuntu

Soldato
Joined
24 Feb 2004
Posts
10,243
Location
Hook, Hants
Hi all. I have started playing around with syslogging and setting up a remote syslog server for a number of other Ubuntu servers / appliances.

The remote syslogging server works fine in so far that it writes syslog information from the other servers into its own syslogs, however I would like to separate the information received from each host into its own log e.g. dns1.log, m1000.log.

I've done a little searching around and tweaking but not having much luck. Can anyone give me any pointers?

FYI, I'm using the syslog / syslogd package that comes with Ubuntu server.

Cheers!
 
Associate
Joined
5 Jan 2003
Posts
747
Location
Liverpool/Norwich(NRP)
We're using syslog-ng, I'm not sure what ubuntu server is running.
This is an example of what we've got on our logging server (I've stipped a few bits out):

Code:
@version: 3.0
#Default configuration file for syslog-ng.
#
# For a description of syslog-ng configuration file directives, please read the syslog-ng Administrator's guide at:
#
# http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/bk01-toc.html
#

options {
       create_dirs(yes);  # if a dir does not exist create it
       owner(root);       # owner of created files
       group(root);       # group of created files
       perm(0600);        # permissions of created files
       dir_perm(0700);    # permissions of created dirs
       chain_hostnames(yes);
       keep_hostname(yes);
       use_fqdn(yes);
};
source s_local {
 internal();
 unix-stream("/dev/log");
 file("/proc/kmsg" program_override("kernel: "));
};

source s_net {
 udp(ip (THIS_HOST_IP) port(514));
};
source s_all {
       udp();                    # remote logs arriving at 514/udp
       unix-stream("/dev/log");  # local system logs
       file("/proc/kmsg");       # local kernel logs
       internal();               # internal syslog-ng logs
};
destination d_hosts {
 file("/var/log/HOSTS/$HOST/$YEAR/$MONTH/$DAY/$FACILITY$YEAR$MONTH$DAY"
 owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes));
};

# Grid hosts logs
log{
        source(s_local);
        destination(d_hosts);
        flags(final);
};

# this will identify any incoming logs that were
# ignored.
log{
       source(s_net);
       destination(d_hosts);
       flags(final);
};
 
Top Bottom