06-15-2010 05:29 AM - edited 03-03-2019 05:58 AM
The unix team is starting to build a new centralized log server. They want to change all the Cisco logs to use local6. Thats ok, BUT, there is another group that I also send logs to that use the standard local7 on their log server. So, is there a way I can send logs using local6 to x.x.x.x, and use local7 for y.y.y.y, or is it an all or nothing situation?
Thanks
Poirot
Solved! Go to Solution.
06-18-2010 01:29 PM
Have you considered using syslog-ng? You will not be limited by facility. Within the syslog-ng.conf file you can define which logs go where. For example, I have a number of firewalls, routers and switches. I log my firewalls to separate files, all routers to one file and all switches to one file. The syslog-ng.conf file looks at the source IP address or domain name and determines where to put the log (the file name).
06-18-2010 01:29 PM
Have you considered using syslog-ng? You will not be limited by facility. Within the syslog-ng.conf file you can define which logs go where. For example, I have a number of firewalls, routers and switches. I log my firewalls to separate files, all routers to one file and all switches to one file. The syslog-ng.conf file looks at the source IP address or domain name and determines where to put the log (the file name).
06-22-2010 06:49 AM
Thanks for the answer. Thats exactly what we will be doing.
Poirot
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: