Home / server / Questions / 44659
Accepted
3D1L
Asked: 2009-07-24 07:09:06 +0800 CST

How to setup SYSLOG in Centos for more than 8 devices?

  • 772

I currently have syslog configuration files using local0 to local7 setup in such a way, that a particular device is assign to an specific local facility pointing to separate directories and files for the device, for example:

*Entries related to the SYSLOG SERVER

*DEVICE1

local1.=emerg /location/device1/00-emerg

local1.=alert /location/device1/01-alert

local1.=crit /location/device1/02-crit

*DEVICE2

local2.=emerg /location/device2/00-emerg

local2.=alert /miramar/device2/01-alert

local2.=crit /miramar/device2/02-crit

The problem is that this way only 8 devices can be specified How can I setup syslog to work with more than 8 devices?

Best regards

centos syslog

2 Answers

  1. Best Answer

    Instead of (or in addition to) using syslog facilities, consider replacing the stock syslogd with syslog-ng. Among other things, it allows you to filter remote log messages based on the address of the host that sent them. We have a simple setup on our syslog server that does this:

    source remote_log { udp(ip(x.x.x.x) port(514)); };
    destination remote { file("/var/log/remote/$HOST.log"); };
    log { source(remote_log); destination(remote); };

    This causes syslog message for each host to end up in /var/log/remote in a file named after the hosts' IP addresses. syslog-ng lets you get a lot fancier than that if you want to (e.g. filtering individual messages based on regular expression matches), but this covers what you were asking about.

    There are syslog-ng packages in EPEL for CentOS 4 and CentOS 5

    • 6

  2. You could log multiple servers to the same local#, but if you want separate files you should look at something like syslog-ng.

    • 2