Thank you for you quick answer. I will stuck with sed, incredibly as it may sound Chef/Puppet/Salt/Ansible/etc are forbidden here.
Philippe -----Message d'origine----- De : [email protected] [mailto:[email protected]] De la part de David Lang Envoyé : mercredi 2 septembre 2015 18:36 À : rsyslog-users Objet : Re: [rsyslog] Using variables to set remote syslog and port On Wed, 2 Sep 2015, Maupertuis Philippe wrote: > Hi, > My rsyslog client configuration should be the same for all my clients except > for the remote syslog server name and port. > I have two options : > Inside the rsyslog.conf deduce them from the local hostname Set them > as environment variable (in /etc/sysconfig/rsyslog perhaps) > > Of course the remote server and port don't change so the logic as to be done > only once at the startup and not for every message. > > Should something like this work : > *.* action(type="omfwd" target="%$!remote_server%" > port="%$!remote_port%" protocol="tcp") Is there a way to use variable > with the "old" syntax > *.** @@"%$!remote_server%:%$!remote_port%" > > My tries were unsuccessful both with the new and the old syntax. > > An important point to consider, I am stuck with rsyslog 7.4 as provided by > redhat/Centos. not all parameters can be variables (performance reasons, there's a cost to looking up the variables for each log message) the only way to do this inside rsyslog is to have if statements based on your hostname. Really, this should be done outside of rsyslog. Create a basic rsyslog config, and then at install time do something like sed -i -e s/REMOTEHOST/1.1.1.1/ -e s/REMOTEPORT/514/ /etc/rsyslog.conf (or use Chef/Puppet/Salt/Ansible/etc to effectively do the same thing) David Lang _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. Ce message et les pièces jointes sont confidentiels et réservés à l'usage exclusif de ses destinataires. Il peut également être protégé par le secret professionnel. Si vous recevez ce message par erreur, merci d'en avertir immédiatement l'expéditeur et de le détruire. L'intégrité du message ne pouvant être assurée sur Internet, la responsabilité de Worldline ne pourra être recherchée quant au contenu de ce message. Bien que les meilleurs efforts soient faits pour maintenir cette transmission exempte de tout virus, l'expéditeur ne donne aucune garantie à cet égard et sa responsabilité ne saurait être recherchée pour tout dommage résultant d'un virus transmis. This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Worldline liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
