[CentOS] How to log separate files or directories for centralizing SysLog server ?

Mon Apr 12 07:57:47 UTC 2010
Tomas Ruprich <ruprich at uikt.mendelu.cz>

Hi James,
i think much better for syslog server usage is syslog-ng. It has bit
more difficult configuration for such a small network, but it brings
much more functionalities.

the simple ruleset for your needs could look like:

source s_sys { unix-stream("/dev/log"); internal(); };
source s_net { udp(); };

destination d_net { file("/var/log/network/$HOST/$YEAR.$MONTH.log"
owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes)); };

log { source(s_net); destination(d_net); };
log { source(s_sys); destination(d_net); };

Hope it helps,

Mon, Apr 12, 2010 ve 03:49:53PM +0800, James Corteciano napsal:
> Hi All,
> I have three server. server0 is centralized logging server, server1 and
> server2 are remote client servers. How can I properly configure the syslog
> in server0 to log the two servers in different separated files/directories.
> Example, server1 will be logged at /var/log/syslog/server1.log of server0
> and /var/log/syslog/server2.log for server2 as well. Is there need of little
> tweaking for syslog.conf ?
> Thanks.
> James

