Hi,
I am running 4.2.2 on CentOS 5.4 x64. I have one relay and one central server. Clients run stock syslogd/klogd and send logs over UDP to the relay. The relay is configured to relay over TLS/TCP to the central server. The communication so far works ok between all the components but I am still grappling with file/directory naming issues. On the relay, I do a very simply forwarding, without any explicit templates: ---xxxx--- *.* @@(z9)logmaster:10514 ---xxxx--- On the central server, the messages are caught this way: ---xxxx--- $template DynFile,"/var/rsyslog/logs/%hostname%/%programname%.log" *.* -?DynFile ---xxxx--- This work ok for most apps except that a goof-up in syslogd on the client generates these directories on the central server: [r...@logmaster logs]# ls -lR exiting/ exiting/: total 4 -rw-r--r-- 1 root root 47 Dec 4 15:12 on.log [r...@logmaster logs]# ls -lR syslogd/ syslogd/: total 4 -rw-r--r-- 1 root root 69 Dec 4 15:12 1.4.1.log How do I fix this? Second, I want to segregate the logs per site. I read this doc but it wasn't clear how do handle different sites A, B, C ....Z. How do I group hosts into a site-X? http://wiki.rsyslog.com/index.php/Splitting_messages_based_on_a_site_ID Thanks, Siddhartha _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com
