On May 2, 2007, at 4:54 PM, Michael O'Keefe wrote:
You can use regular expressions with syslog-ng to decide where the information goes, including where the log came from if you're using a central logging server.
We use this to great effect on our central logging server. With it, you can do things like have all your imap logs go to one file, while postfix goes to another file, and postfix from the incoming gateway goes to yet another file.
Use matching filters based on priority, facility, program name, regexp in the log message itself, regexp on host names or IP addresses, etc. Additionally useful is the ability to send to multiple diverse targets, such as mysql and postgresql databases, other syslog servers (UDP), other syslog-ng servers (TCP or UDP), and so on.
Syslog-ng is extremely flexible in ways that are very useful for environments where you need to keep track of things. We dump everything into a mysql database and use phpsyslog-ng (i think) as a web front-end for doing searches on the logs. (http://www.vermeer.org/ projects/php-syslog-ng)
Gregory -- Gregory K. Ruiz-Ade <[EMAIL PROTECTED]> OpenPGP Key ID: EAF4844B keyserver: pgpkeys.mit.edu
PGP.sig
Description: This is a digitally signed message part
-- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
