I'm trying to forward realtime_01-08-15.log to 192.168.1.132 using syslog-ng. I think I know how to forward traffic from a file but what if the file changes name daily?
Source on Jan 8th 2015:
realtime_01-08-15.log
Source on Jan 9th 2015:
realtime_01-09-15.log
Do I have to make the source a folder and put the log file in there or is there a way for variable source input? Any help would be appreciated and an extra info can be provided if needed.
at the moment, only the commercial version of syslog-ng can use wildcards in filenames (that would solve the problem), but this feature is not yet available in the open source version.
As a workaround, you could create a cron job that exports the name of the file as an environment variable, use that variable in the filename of your syslog-ng source, and reload syslog-ng once a day.
For details, see http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.6-guides/en/syslog-ng-ose-v3.6-guide-admin/html/config-global-variables.html
HTH,
Regards,
Robert Fekete
