> > On Wed, 2005-05-25 at 14:03 -0400, Tim Holmes wrote: > > #send messages from Lancelot to Lancelot.log > > 192.168.0.225.* /var/log/lancelot.log > > Plain old syslog doesn't support this. The LHS has to be > <log_facility>.<log_level>. Syslog-ng is far more flexible in this > respect, you may want to check it out. > > If you want/need to stick to syslog, the traditional approach is > configuring your log sources to use different facilities that aren't > used anywhere else, and sort them into different log files using > syslog.conf. This clearly doesn't scale very well, since you usually > only have the facilities local0 to local7 at your disposal. But with > just two log sources, as in your example, it would work well. > > Another approach is having syslog write it all into one big file, and > running one or more "tail --follow=name" style listeners on that file, > that grep on content (e.g. the 4th word) and write specific log files. > > Cheers > Steffen. [Tim Holmes wrote] Thanks to all who responded. We have decided to take a different tactic, and we will be logging all of our syslog messages to a dedicated MYSQL database, which I will then be able to query using webpage tools. That will be the ideal solution Thanks again for all your help TIM
