Create separated syslog file for each host with rsyslog

logging configuration syslog rsyslog
31,301

It seems it is documented on rsyslog web site here : https://www.rsyslog.com/storing-and-forwarding-remote-messages

To summarize :

You should define a template for log files, something like e.g :

# log every host in its own directory
$template RemoteHost,"/var/syslog/hosts/%HOSTNAME%/%$YEAR%/%$MONTH%/%$DAY%/syslog.log"

Then apply this template to messages coming from remote hosts :

# Remote Logging
$RuleSet remote
*.* ?RemoteHost
Share:
31,301
eden881
Author by

eden881

Updated on September 18, 2022

Comments

  • eden881
    eden881 over 1 year

    I have a syslog server (running rsyslog on RHEL 7.4) that consolidates all the syslogs from my network devices. It's listening on port TCP/514.

    I want to redirect the logs of each device to a different file in a dedicated directory (based on their IP address), instead of getting them all in /var/log/messages. How can I do that?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Accidentally deleted /var/log/syslog
rsyslog: Log some messages only to specific file
How to configure rsyslog to log into PostgreSQL without too much latency?
Wildcard support for InputFileName in rsyslog?
rsyslog: How do I direct messages from all remote machines to one file?
rsyslogd: Any way to get around the number of local facilities?
Nginx log to syslog on TCP port
Log Locally and Remotely with rsyslogd
rsyslog udp forwarding truncates at 2048 characters
rsyslog filters on message contents and facility