| 1 |
On 12/22/2013 03:17 PM, Tanstaafl wrote: |
| 2 |
> |
| 3 |
> I'd still like everything to go to /var/log/messages, but I'd like to |
| 4 |
> also send certain types of messages to different logs to simplify |
| 5 |
> troubleshooting, etc - ie, I often peruse the logs with: |
| 6 |
> |
| 7 |
> egrep '(reject|warning|error|fatal|panic):' /var/log/messages |
| 8 |
> |
| 9 |
> But I'd like to actually feed all of those messages to a separate log, |
| 10 |
> for easier tailing. |
| 11 |
|
| 12 |
For each separate log you want, you'll need a destination/filter pair, |
| 13 |
and you'll have to tie them together with a "log" directive. For example, |
| 14 |
|
| 15 |
destination warnlog { file("/var/log/warn.log"); }; |
| 16 |
filter f_warn { level(warn); }; |
| 17 |
log { source(src); filter(f_warn); destination(warnlog); }; |
Archives