I must admit to being a complete syslog newbie. I haven't touched it until now, but I use its output on a daily basis, like most of us :)
I currently have a problem with the gmetad daemon spamming my /var/log/messages file with messages like the following:
Sep 1 10:09:49 monitor /usr/sbin/gmetad[31752]: RRD_update (/var/lib/ganglia/rrds/Machines/SummaryInfo/example.rrd): illegal attempt to u pdate using time 1314868188 when last update time is 1314868188 (minimum one second step).
I'm not too worried about the error, what I want to do is redirect these particular messages to another log file (e.g /var/log/gmetad.log). The problem is that there doesn't seem to be any way to direct gmetad's logs to a certain place in its config (and documentation for this particular piece of software seems quite sparse). So I was wondering if it was possible to use the "local" facility in syslog to grab these messages and stick them somewhere else to leave /var/log/messages a bit cleaner.
Can anyone help? Does anyone have any examples for the "local" facilities?
Which syslog daemon do you have ? Syslogd ? syslog-ng ? rsyslog ? The syntax is different for each daemon.
for example in rsyslog, you could do something like
{you must find application's facility}
otherwise you could do something like