Navigation : Top / syslog-ng

  • The added line is THIS COLOR.
  • The deleted line is THIS COLOR.
*syslog-ngの設定 [#e6f7dc5f]
New Generationだけあって,syslogとは設定がずいぶん違う.

* 設定 [#n63e03f9]
- /etc/syslog/syslog-ng.conf
- dhcp, nfs, smb関係のログを分けたかったので以下を追加./etc/rc.d/syslog-ng restart
filter f_dhcp       { match("dhcp"); };
filter f_samba      { match("smbd"); };
filter f_nfs        { match("rpc.mountd"); };
filter f_messages   { not facility(news, mail) and not filter(f_iptables) and not filter(f_dhcp) and not filter(f_samba) and not filter(f_nfs);
};
# dhcplog
destination dhcp { file("/var/log/dhcpd.log"); };
log { source(src); filter(f_dhcp); destination(dhcp); };
# nfs
destination nfs { file("/var/log/nfsd.log"); };
log { source(src); filter(f_nfs); destination(nfs); };
 filter f_dhcp       { match("dhcp"); };
 filter f_samba      { match("smbd"); };
 filter f_nfs        { match("rpc.mountd"); };
 filter f_messages   { not facility(news, mail) and not filter(f_iptables) and not filter(f_dhcp) and not filter(f_samba) and not filter(f_nfs);};
 # dhcplog
 destination dhcp { file("/var/log/dhcpd.log"); };
 log { source(src); filter(f_dhcp); destination(dhcp); };
 # nfs
 destination nfs { file("/var/log/nfsd.log"); };
 log { source(src); filter(f_nfs); destination(nfs); };


* LINK [#ha8ff365]
- [[本家:http://www.balabit.com/products/syslog_ng/reference-1.6/syslog-ng.html/book1.html]] (必要な情報は大体ここにある)