--> logs Archives - SomoIT.net

Linux – rsyslog: parsing and splitting message fields

Posted on September 29, 2020 by Sysadmin SomoIT

Until now I hadn’t used the options and features rsyslog comes with. Let me show a simple example I have done today. This is an example log line rsyslog has received from iptables (I have configured iptables to log certain connections attempts to identify and save devices with malware):

Sep 29 15:30:39 myserver kernel: [malware3] IN=ens192 OUT=ens192 MAC=XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX SRC=10.15.13.17

F5 BIGIP – Send logs to custom syslog file

Posted on November 8, 2017 by Sysadmin SomoIT

For debugging purposes (or to simply to organize logs as you prefer) it would be interesting to send certain syslog messages to a custom file instead of the default ones like /var/log/ltm or /var/log/apm

Desired goal

This example shows the way to send syslog messages starting with the string #DEBUG# to the file /var/log/customlog

(You can replace both string and … Read more

SomoIT.net

IT System Administration – Sysadmin tips, tricks and tutorials

Tag Archives: logs

Linux – rsyslog: parsing and splitting message fields

F5 BIGIP – Send logs to custom syslog file

Desired goal