[rsyslog] Problem matching localhost
niall el-assaad
niallel at gmail.com
Thu Jul 3 23:59:53 CEST 2008
Hi,
I'm running 2.0.0-11 (version included with redhat 5.2)
I want to filter all the messages from external syslog devices to one file
and all messages from the localhost to another file.
However even with the -x option turned on when a local service (such as
crond) sends a message to the log the hostname is set to the domain name of
the server.
So I can't use the following to match:
:HOSTNAME, isequal, "localhost" /var/log/messages
:HOSTNAME, !isequal, "localhost" /var/log/externalsyslog
I could replace "localhost" with "dnsname" to get it to work, but I would
like a generic method that will work on all the syslog servers I have.
Is there some switch that will cause rsyslog to report the local services as
sending from localhost or 127.0.0.1 rather than the hostname of the
localhost.
thanks,
niall
More information about the rsyslog
mailing list