堆栈内存溢出
  简体   繁体   English

从 rsyslog 客户端将日志发送到 rsyslog 服务器中的特定文件

[英]send logs to a specific file in rsyslog server from rsyslog client

 原文  2022-02-28 12:17:39       ubuntu/ syslog/ rsyslog/ freeradius/ radius

问题描述

I am using rsyslog client to send freeradius logs to rsyslog server.我正在使用 rsyslog 客户端将 freeradius 日志发送到 rsyslog 服务器。 Freeradius logs are stored in /var/log/radius.log in rsyslog client PC. Freeradius 日志存储在 rsyslog 客户端 PC 的 /var/log/radius.log 中。 I want to send it to rsyslog server PC.我想将它发送到 rsyslog 服务器 PC。 I am using the following setting that is created in a separate freeradius.conf file(manually created) which is present in /etc/rsyslog.d/freeradius.conf folder.我正在使用在 /etc/rsyslog.d/freeradius.conf 文件夹中存在的单独 freeradius.conf 文件(手动创建)中创建的以下设置。 The default log file where all logs are sent to server is /var/log/syslog but I want to save log in a separate file.所有日志都发送到服务器的默认日志文件是 /var/log/syslog 但我想将日志保存在一个单独的文件中。 Please help me in saving these logs in /var/log/"CLIENT_IP"/remote_freeradius.log.请帮助我将这些日志保存在 /var/log/"CLIENT_IP"/remote_freeradius.log 中。 You can see the content of /etc/rsyslog.d/freeradius.conf file below:您可以在下面看到 /etc/rsyslog.d/freeradius.conf 文件的内容:

$ModLoad imfile     

$InputFilePollInterval 10 

$InputFileName  /var/log/radius.log 

$InputFileTag freeradius-access: 

$InputFileStateFile stat-freeradius-access 

$InputFileSeverity Info  

$InputRunFileMonitor  


$template freeradius_log, " %msg% "  


if $programname == 'freeradius-access' then @192.168.10.207:514;freeradius_log 

if $programname == 'freeradius-access' then stop

1 个解决方案

解决方案1
 0  2022-03-07 07:43:51

Yes, it's possible to modify the file name when forwarding them.是的,转发时可以修改文件名。

I don't know if you can achieve the following with legacy syntax - as far as i know, it's not possible.我不知道您是否可以使用遗留语法实现以下目标——据我所知,这是不可能的。 But you can combine legacy and advanced syntax, so it shouldn't be a problem.但是您可以结合传统语法和高级语法,所以这应该不是问题。

1st - Create a template: 1st - 创建一个模板:

template (name="ForwardRadiusLogs" type="string"
    string="<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %syslogtag% %CLIENT_IP% %msg%")

2nd - Assign the template to the action which forwards the logs第二- 将模板分配给转发日志的操作

action(type="omfwd" Target="10.100.100.1" Port="20514" Template="ForwardRadiusLogs")

This is the equivalent (in advanced syntax) to the following line in your config:这相当于(在高级语法中)配置中的以下行:

@192.168.10.207:514;freeradius_log

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 rsyslog 没有将日志转发到 elasticsearch - rsyslog is not forwarding logs to elasticsearch ubuntu - 禁止从特定进程/ rsyslog进程记录到syslog - ubuntu - disable logging to syslog from a specific process/from the rsyslog process 使用 rsyslog 转发多个日志文件的问题? - Issue with multiple logs files forwarding with rsyslog? Ansible - rsyslog安装和配置 - Ansible - rsyslog installation and configuration 为什么rsyslog在logrotate后无法启动? - Why does rsyslog fail to start after logrotate? rsyslog stop 命令复制消息而不是移动 - rsyslog stop command copies messages instead of moving 正确地将数据从客户端发送到服务器。 服务器未从客户端接收完整文件 - Send data from client to server properly. Server is not receiving full file from client ubuntu apt-get install all fiald?rsyslog 的一些错误 - ubuntu apt-get install all fiald?some errors with rsyslog 将特定日志从Systemd服务重定向到单独的文件不起作用 - Redirecting specific logs from systemd service to a separate file doesnt work 是否可以将日志从 ubuntu 发送到 Loki? - Is it possible to send logs from a ubuntu to Loki?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM