I'm wanting to direct logs coming from Elasticsearch to the appropriate destination, locally and on my central log server. Unfortunately, within Elasticsearch, I don't see a way to set anything other than the log facility. I'm running rsyslogd v5.8.6, the latest supported by Ubuntu 12.04. Nothing on my Elasticserach servers is logging to local5. Would it be possible to set the syslogtag (or program name) for anything logging with local5? If so, my existing rsyslog rules would log it to the correct destination both locally and remotely. I realize I could use a template to set the destination on both the local and central servers if local5, however I'd rather not do that should something else now or in the future log at local5 without me realizing it.
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
