/ets/syslog-ng/syslog-ng.conf
@version: 3.3
@include "/etc/syslog-ng/conf.d/"
options { chain_hostnames(off);
flush_lines(0);
use_fqdn(no);
owner("root");
group("adm");
perm(0640);
stats_freq(0);
bad_hostname("^gconfd$");
keep_hostname(yes);
long_hostnames(on);
create_dirs(yes);
use_dns(yes);
dns_cache(yes);
};
source clients {
unix-stream("/dev/log");
internal();
tcp(ip(0.0.0.0) port(514) max_connections(1000));
udp();
};
destination clientslogs {
file("/var/log/debian-edu/$YEAR$MONTH$DAY/$HOST.auth");
};
log {
source(clients); destination(clientslogs);
};
Wysłanie na zdalnego sysloga
/etc/syslog-ng/syslog-ng.conf
destination loghost { udp("10.1.1.1" port(514)); };
log { source(src); destination(loghost); };
Brak komentarzy:
Prześlij komentarz