Posts

Showing posts from January, 2013

syslog-ng on Ubuntu

Image
Installation


apt-get install syslog-ng


The configuration file is at


/etc/syslog-ng/syslog-ng.conf


Some basic syntax

To define the log to be printed out on all terminals. This normally available in the default configuration file.


destination <identifier> { pipe("/dev/xconsole"); };



To define a file where log should be directed to.


destination <identifier> { file("<file name in full path>"); };



To format the log, you can use template in your destination.


destination <identifier> { file("<file name in full path>" template("$ISODATE:$MESSAGE")); };



If you would like to fully format the logline, you can use $MSGONLY. However, please remember to put a newline character at the end of the template.

Filters can be set based on facility, priority, program name, keyword matching and etc. You can refer to this : http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.3-guides/syslog-ng-ose-v3.3-guide-admin-en.html/index…