Re: Logging from remote sources

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Gene Heskett wrote:
>> I think it's something like:
>> :hostname, isequal, "router"
>>
>> *.*             /var/log/DD_WRT_router.log
>>
> I tried that, and it duplicated the host machines log to the target. :)

Can you clarify?  You put it as three lines like that?

> So I'm now trying:
> :msg, contains, "router"		/var/log/dd-wrt/router.log

Counter-intuitively (but seemingly confirmed by some quick testing), I
don't think hostname is part of the message.  I have another idea that
DID appear to work (obviously I tested with my own hostname), though it
didn't log as much as I expected ...</ominous>:

:HOSTNAME, isequal, "router" /var/log/dd-wrt/router.log

All one line, capitalized HOSTNAME.  Also, just to be safe make sure
/var/log/dd-wrt/router.log already exists with the same permissions
(user/group/mode) as /var/log/messages before you restart rsyslogd.

> If I put it on two lines, it fussed on the restart because there was a line 
> without an action.

Right, my mistake.

> Is it an absolute requirement?  If not, how to stop it?

You /might/ be able to disable it if you hard-coded the MAC address of
every machine (including routers, firewalls, etc.) on your LAN.
However, I highly advise against attempting this.

Matt Flaschen

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux