我是rsyslog中的新手,我能够从客户端到服务器获取日志。但是我需要按照这样的日志严重性(表示INFO,ERROR,WARN)将其划分
答案 0 :(得分:2)
尝试将其添加到服务器端的rsyslog.conf文件中
module(load="imuxsock") # provides support for local system logging
#module(load="immark") # provides --MARK-- message capability
# provides UDP syslog reception
module(load="imudp")
input(type="imudp" port="514")
# provides TCP syslog reception
module(load="imtcp")
input(type="imtcp" port="50514" ruleset="remote")
Ruleset (name="remote"){
# action (type="omfile" file="/var/log/jvh.log")
if $msg contains 'ERROR' then {
action (type="omfile" file="/var/log/jvhErr.log")
}else if $msg contains 'INFO' then {
action(type="omfile" file="/var/log/jvhInfo.log")
}else {
action(type="omfile" file ="/var/log/jvhOther.log")
}
}