Allan Liska wrote: > Is it possible to configure syslog to create different files for each device, or group of devices? In other words, I would like my firewall logs to be logged to firewall.log, router logs logged to router.log, etc. > > I don't see anything in the documentation that allows this, and I know it can be done with post-processing tools, but I would rather use native-syslog to do it. You can log everything for a specific "class" of devices (router, firewalls, ecc) in a single file and then parse the file. But it is difficult to make parsing scripts efficient and scalable. Another solution could be to use different facilities for the different classes of devices. THe best option in my opinion would be to use syslog-ng, for it has a lot of plus such tcp transmission instead of udp, greater versatility and flexibility, easier configuration even with complex architecture and so on. But maybe you have no option and are forced to use only native syslogd. For log parsing tools and scripts and programs you can browse sourceforge or freshmeat and googling you will find alot of examples of homemade scripts. Perl language is a power tool in accomplishing such a task. Hope this can help you and sorry for my poor english. y -- http://yvetteagostini.it _______________________________________________ LogAnalysis mailing list LogAnalysis@private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2.1.3 : Thu Jul 22 2004 - 09:30:08 PDT