I would like to know how to send certain syslog messages to certain hosts, and block certain others.
For instance, I want to send the following types of syslogs to the following hosts:
BGP(0): 10.20.15.253 send unreachable xyz.abx.com
But I want to block syslog messages like this one from certain devices only, and allow it from others:
Please suggest, how is this possible.
It depends on the message. Your standard bad memory access syslog comes with a traceback, and will be sent to a syslog server without issue. Certainly some messages may be generated at a time when the network is unstable, and thus will be dropped. Sure, something like EEM may help here, but if the state of the device is compromised, then the EEM policy may not run, or could further complicate things.