SERVER 配置:
#syslog-ng配置服务器IP:10.29.11.37
source s_maillog_receive {
udp(
port(60059),
log_fetch_limit(100),
log_iw_size(30000),
keep_hostname(no),
flags(no-multi-line),
);
tcp(
port(60059),
log_fetch_limit(100),
log_iw_size(30000),
keep_hostname(no),
flags(no-multi-line),
max-connections(100),
);
};
destination d_maillog_receive_file {file("/var/log/sinamail/all_maillog"); };
# 配置从网络接收到的日志保存到 /var/log/sinamail/all_maillog
log{ source(s_maillog_receive); destination(d_maillog_receive_file); };
CLIENT 配置:
#推日志到10.29.11.37上
@version: 3.2
options {
long_hostnames(off);
log_msg_size(65535);
flush_lines(0);
keep_hostname(no);
create_dirs(yes);
time_reopen(1);
use_dns(no);
perm(0644);
dir_perm(0755);
};
source s_local {
internal();
unix-stream("/dev/log" max-connections(4096) );
file("/proc/kmsg" program_override("kernel"));
};
filter f_mail { facility(mail) and level(warning..emerg); };
destination d_mail_l { file("/var/log/maillog"); };
destination d_mail_r { tcp('10.29.11.37' log_fifo_size(300000) port('60059')); };
# 配置日志到本地 /var/log/maillog
log{ source(s_local); filter(f_mail); destination(d_mail_l); flags(final); };
# 配置日志推到 10.29.11.37 上
log{ source(s_local); filter(f_mail); destination(d_mail_r); };
网友评论