Remote Syslogd
I am trying to filter remote syslog information that is coming from Motherboard Monitor on Windows. If all I do is change syslogd startup options in /etc/rc.conf from syslogd=-u all information is logged to /var/log/daemon. But I would really like the information be routed to something like /var/log/hostname. Here is some sample data in /var/log/daemon: May 18 12:06:24 hostname hostname MBM[Case]: C=95 LA=41 HA=158 L=95 H=95 A=95 May 18 12:06:24 hostname hostname MBM[CPU]: C=87 LA=41 HA=158 L=87 H=87 A=87 May 18 12:06:24 hostname hostname MBM[Core 0]: C=1.51 LA=1.90 HA=2.10 L=1.51 H=1.51 A=1.51 May 18 12:06:24 hostname hostname MBM[+3.3]: C=3.32 LA=3.13 HA=3.46 L=3.32 H=3.32 A=3.32 May 18 12:06:24 hostname hostname MBM[+5.00]: C=5.15 LA=4.75 HA=5.25 L=5.15 H=5.15 A=5.15 May 18 12:06:24 hostname hostname MBM[+12.00]: C=12.03 LA=11.40 HA=12.60 L=12.03 H=12.03 A=12.03 syslogd.conf (I added): +hostname *.* /var/log/hostname But all the data is logged to daemon/message/hostname in /var/log/.
Re: Remote Syslogd
On 5/18/07, djgoku [EMAIL PROTECTED] wrote: I am trying to filter remote syslog information that is coming from Motherboard Monitor on Windows. If all I do is change syslogd startup options in /etc/rc.conf from syslogd=-u all information is logged to /var/log/daemon. But I would really like the information be routed to something like /var/log/hostname. Here is some sample data in /var/log/daemon: May 18 12:06:24 hostname hostname MBM[Case]: C=95 LA=41 HA=158 L=95 H=95 A=95 May 18 12:06:24 hostname hostname MBM[CPU]: C=87 LA=41 HA=158 L=87 H=87 A=87 May 18 12:06:24 hostname hostname MBM[Core 0]: C=1.51 LA=1.90 HA=2.10 L=1.51 H=1.51 A=1.51 May 18 12:06:24 hostname hostname MBM[+3.3]: C=3.32 LA=3.13 HA=3.46 L=3.32 H=3.32 A=3.32 May 18 12:06:24 hostname hostname MBM[+5.00]: C=5.15 LA=4.75 HA=5.25 L=5.15 H=5.15 A=5.15 May 18 12:06:24 hostname hostname MBM[+12.00]: C=12.03 LA=11.40 HA=12.60 L=12.03 H=12.03 A=12.03 syslogd.conf (I added): +hostname *.* /var/log/hostname syslog.conf(5) doesn't make any mention of + prepending that I can find. Can you specify which syslog facility your app should log to? If so, you could instruct it to log to one of the local* levels and direct that to a seperate log file, e.g. local1.* /var/log/hostname DS
Re: Remote Syslogd
On 5/18/07, djgoku [EMAIL PROTECTED] wrote: I am trying to filter remote syslog information that is coming from Motherboard Monitor on Windows. If all I do is change syslogd startup options in /etc/rc.conf from syslogd=-u all information is logged to /var/log/daemon. But I would really like the information be routed to something like /var/log/hostname. The stock syslogd doesn't directly support this type of handling. Logging by originating host, and much more, is available in syslog-ng, available from the ports tree (/usr/ports/sysutils/syslog-ng). It can be a little tricky to get syslog-ng to co-exist with the stock syslogd, or to entirely replace it with syslog-ng. Kevin
Re: Remote Syslogd
On 2007/05/18 14:39, Darren Spruell wrote: syslog.conf(5) doesn't make any mention of + prepending that I can find. + in syslog.conf is a FreeBSD extension, NetBSD picked it up with some other changes (including poll and signals - kqueue/kevent) Neither OpenBSD nor the Linux version I just checked support +; all the non-OpenBSD versions support the allow spaces instead of tabs extension, presumably for the benefit of people who can't read manuals (though how they'll deal with things like differing use of ! if they can't handle tabs, who knows...)
