Hello,
I am using custom python script to process logs, and ban offending IPs:
local0.* action(type="omprog" name="asterisk"
binary="/usr/local/sbin/asterisk.py")
When my script generates some error, I don't see it anywhere in the logs
(but I do see python errors when I run my script
Hello,
I have defined my own template for logging:
$template long-iso,"%$NOW% %timereported:8:15% %syslogtag% %msg%\n"
Which logs in following format:
2021-08-14 05:55:31 sshd[1856]: message
How can I make the %syslogtag% to only log daemon name, without the
[pid] part ?
I am using
Hello,
How can I filter messages that satisfy both conditions at the same time?
:syslogtag, startswith, "dovecot"stop
:msg, startswith, "imap-login " stop
I am using rsyslog 8.1901.0-1 on Debian 10
thanks,
___
rsyslog mailing list
> On 2021-01-15 19:57, John Chivian wrote:
The python script should trap its own stderr (and/or stdout) and write it to a
separate file.
but what if there is syntax error in my script?
Where can I see this error?
thanks,
___
rsyslog mailing list
Hello
I am using omprog, to send logs to my script:
mail.* action(type="omprog" binary="/usr/bin/blacklist.py ... )
If my script generates errors, where can I see these errors? I looked in
my main syslog log file, but there is nothing.
I can run my script from commandline, and see the
Hello,
every time I restart rsyslog, it tries to open network socket on my main
interface eth0 and on 127.0.1.1
I assume this is to resolve my hostname ?
I have added all IPs to /etc/hosts, so that rsyslog does not need to
resolve any hostnames
127.0.0.1localhost
127.0.1.1myhost
> On 2020-06-04 20:00, John Chivian via rsyslog wrote:
From the documentation page...
[omprog] Executes the configured program and feeds log messages to that
binary via stdin. The binary is free to do whatever it wants with the
supplied data. If the program terminates, it is re-started. If
Hello,
I am using omprog to send mail logs to my script:
mail.* action(type="omprog" name="blacklist"
binary="/usr/local/sbin/blacklist.py" template="long-iso")
It works well, but I have noticed that when I stop rsyslog, the script
is not terminated, but continues running. I can see the
Hello,
in my /etc/rsyslog.conf, I am calling external script to handle
mail.* logging:
mail.*action(type="omprog" name="blacklist-postfix"
binary="/usr/local/sbin/postfix.py" template="long-iso")
This custom script processes logs, and writes to /var/log/mail/mail.log
Everything works
Hello,
I am using "ActionOMProgBinary" in my /etc/rsyslog.conf
...
$ActionOMProgBinary /usr/local/sbin/blacklist.py
...
mail.* :omprog:
...
Now I actually need to define 2 different binaries, and call one for
mail.* and the other for auth.*
How could I do this ?
I am using rsyslog
10 matches
Mail list logo