Hi, I'm running Redhat 6.6, and rsyslog 5.8.10
Configuration under /etc/rsyslog.d/custom.conf is found in the bottom Can anyone please help me to understand how I can make sure that files and folders created by template "DynFile" are created for user "splunk" and group "splunk"? Right now they are owned by root by default. The original /etc/rsyslog.conf are untouched (bundled with Redhat 6.6) Best regards Johan # Provides UDP syslog reception $ModLoad imudp $UDPServerRun 514 # Provides TCP syslog reception $ModLoad imtcp $InputTCPServerRun 514 $template TimeStamp,"%timegenerated:::date-rfc3339% %TIMESTAMP% %HOSTNAME% %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n" $template DynFile,"/var/logging/syslog/HOSTS/%fromhost-ip%/syslog.log" :fromhost-ip , !isequal , "127.0.0.1" ?DynFile;TimeStamp :fromhost-ip , !isequal , "127.0.0.1" ~ _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
