Hi Tomas, It's working in rsyslog with applying the link you've given. Thanks. The only thing that I am thinking now is how to make logrotate to automatically compress those different directories/files in various hostnames logged in a certain period of time. I can copy and modify manually the /etc/logrotate.d/syslog to target those different hostname logged but is there any settings needed to work it in logrotate.conf? Thanks. James 2010/4/12 Tomas Ruprich <ruprich at uikt.mendelu.cz> > Not that rules, but definetely it's possible with rsyslog. > http://www.rsyslog.com/Article60.phtml > > Tomas > > > Mon, Apr 12, 2010 ve 04:12:39PM +0800, James Corteciano napsal: > > Hi Tomas, > > > > I can't use syslog-ng because it's not included in RHEL package in DVD > and > > company policy not to use non-rpm. I can use rsyslog and found it's the > same > > config to syslog. Can I apply that rules in rsyslog? > > > > Thanks. > > > > James > > > > On Mon, Apr 12, 2010 at 3:57 PM, Tomas Ruprich <ruprich at uikt.mendelu.cz > >wrote: > > > > > Hi James, > > > i think much better for syslog server usage is syslog-ng. It has bit > > > more difficult configuration for such a small network, but it brings > > > much more functionalities. > > > > > > the simple ruleset for your needs could look like: > > > > > > source s_sys { unix-stream("/dev/log"); internal(); }; > > > source s_net { udp(); }; > > > > > > destination d_net { file("/var/log/network/$HOST/$YEAR.$MONTH.log" > > > owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes)); }; > > > > > > log { source(s_net); destination(d_net); }; > > > log { source(s_sys); destination(d_net); }; > > > > > > Hope it helps, > > > Tomas > > > > > > > > > Mon, Apr 12, 2010 ve 03:49:53PM +0800, James Corteciano napsal: > > > > Hi All, > > > > > > > > I have three server. server0 is centralized logging server, server1 > and > > > > server2 are remote client servers. How can I properly configure the > > > syslog > > > > in server0 to log the two servers in different separated > > > files/directories. > > > > Example, server1 will be logged at /var/log/syslog/server1.log of > server0 > > > > and /var/log/syslog/server2.log for server2 as well. Is there need of > > > little > > > > tweaking for syslog.conf ? > > > > > > > > Thanks. > > > > > > > > James > > > > > > > _______________________________________________ > > > > CentOS mailing list > > > > CentOS at centos.org > > > > http://lists.centos.org/mailman/listinfo/centos > > > > > > _______________________________________________ > > > CentOS mailing list > > > CentOS at centos.org > > > http://lists.centos.org/mailman/listinfo/centos > > > > > > _______________________________________________ > > CentOS mailing list > > CentOS at centos.org > > http://lists.centos.org/mailman/listinfo/centos > > > -- > > S pozdravem > > Tomáš Ruprich > systémový administrátor > > Ústav pro informační systém > Mendelova univerzita v Brně > > Zemědělská 1 / 613 00 Brno > telefon 545 132 885 > ruprich at uikt.mendelu.cz > www.mendelu.cz > > [prostor pro logo] > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20100413/b6da3ebc/attachment-0005.html>