rsyslog, log msgs in a different file
R C
cjvijf at gmail.com
Mon Feb 19 01:45:53 UTC 2024
On 2/18/24 18:29, Karl Auer wrote:
> On Sun, 2024-02-18 at 17:40 -0700, R C wrote:
>> actually, what I ended up doing is check the ip address, and use
>> that to move themessages to a specific file.
> You can invert an operation with "!". Maybe you could identify your
> remotes with something like "!isequal 127.0.0.1"? Or identify uor local
> host with "isequal 127.0.0.1".
I have to read a little more about/into it. But in rsyslog, filters etc
is a bit like wireshark filters, you need to have some time and some
advil to wade through it. I have no doubt that there is a way to look
for an exact match for an ip address or hostname, or some reverse lookup
even. It's not elegant to do it that way (brute force checking IPs), but
then again, most things that need to be robust and work typically don't
have a elegance requirement.
> That way, one rule neatly grabs everything that isn't (or is) local,
> and your other rules then distribute the rest.
I am going to check out how the "isequal" in rsyslog filters works with
IPs from the client host (cause it could be the same as that
python/java equal, where if something is equal just "depends" on
how/what and consequently what operator to use.)
>
> Regards, K.
>
regards,
Ron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20240218/8c65f811/attachment.html>
More information about the ubuntu-users
mailing list