shivai/rsyslog.md

Last active April 5, 2019 11:10

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/shivai/7df4fc9d3dab6a36e487835ba83b982c.js"></script>
Save shivai/7df4fc9d3dab6a36e487835ba83b982c to your computer and use it in GitHub Desktop.

Download ZIP

Raw

rsyslog.md

RSYSLOG

rsyslog is a tools for writing logs in log files, rsyslog by default listens on 514 port. The config file is in:

nano /etc/rsyslog.d/my_log.conf

You can write many rules in it like this:

$template mydirectory_1,"/var/log/prod1/%FROMHOST-IP%/%syslogfacility-text%.log"
$template mydirectory_2,"/var/log/prod2/%FROMHOST-IP%/%syslogfacility-text%.log"
$outchannel my_warning,/var/log/my_log/warning.log


if $fromhost-ip=='172.16.111.111' then ?mydirectory_1
if $fromhost-ip=='172.16.111.222' then ?mydirectory_2
...

if $hostname startswith 'myhost' and $msg contains 'Warning:' then :omfile:$my_warning
& stop

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment