On Thu, 21 Apr 2011, David Berard wrote:
Hi,
We try to centralize logs of approximately twenty servers to
one host with rsyslogd.
The rsyslog server run under RedHat RHEL 5.5 with the rsyslog package of
RedHat (3.22.1-3el5_5.1).
For the ease of maintenance, we prefer to keep the redhat package if
possible.
We want to distibute logs in differents files according to the
hostname of the sender, the facility or the program name.
We try to use filtering by properties and by expression with no luck...
I think this is because our rsyslog version is too old. But can someone
confirm this ?
I try things like this :
:hostname, startswith, "XXXX";programname, isequal, "nginx"
-?DynFileZMProxyNginx
& ~
this format of filers does not allow you to use multiple conditions on one
line, you would have to go to the slower if ( ) type of conditions.
David Lang
:hostname, startswith, "XXXX";:programname, isequal, "nginx"
-?DynFileZMProxyNginx
& ~
if $hostname startswith "XXXX" and $programname isequal "nginx" then
-?DynFileZMProxyNginx
& ~
if $hostname startswith "XXXX" and $programname == "nginx" then
-?DynFileZMProxyNginx
& ~
I always obtain a 'CONFIG ERROR' from rsyslog.
rsyslogd is running with option "-c3"
Is my rsyslog version too old, or do I misunderstand filters usages ?
Is there an other solution for doing the filtering ?
Best regards
David
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com
