Save incoming log with suffix to its logfile-suffix.log using syslog-ng

Question

I've been searching on the internet for answers relating to syslog-ng and how I can configure syslog-ng to save incoming log files with a specific suffix to a file and also carry over the suffix variable.

destination d_logs {
    file("/var/log/app-${host}.log", owner("root"), group("root"), perm(0640));
}

In the configuration above, I would like to be able to extract the suffix and carry the suffix over to a variable known to syslog-ng, is it possible?

Reading the documentation we have the possibility for a parser, and honestly I don't want to do too much parsing, just grap the known suffix and put in as a new variable the file object understand.

Thanks in advance and stay safe

score 0 · Answer 1 · answered Aug 27 '20 at 13:16

0

I found the answer

In the destination you will use a python module and refer  to a python class that will parse the incoming message and use the information to write to the specific file.

answered Aug 27 '20 at 13:16

OMG-1

156
1

Going to add code later – OMG-1 Aug 27 '20 at 13:16

Save incoming log with suffix to its logfile-suffix.log using syslog-ng

1 Answers1