rsyslog network listening
* listen to current test vlans * listen on future prod vlans * Templates for general reception * collect all hostapd (assoc) in single file
This commit is contained in:
Vladimir Vitkov
parent
23469505da
commit
b8d4660ab3
|
|
@ -14,9 +14,26 @@ $ModLoad imklog # provides kernel logging support
|
|||
|
||||
# provides UDP syslog reception
|
||||
$ModLoad imudp
|
||||
# Listen only on management
|
||||
# MGMT
|
||||
$UDPServerAddress 10.200.0.1
|
||||
$UDPServerRun 514
|
||||
# overflow
|
||||
$UDPServerAddress 10.203.0.1
|
||||
$UDPServerRun 514
|
||||
# video
|
||||
$UDPServerAddress 10.204.0.1
|
||||
$UDPServerRun 514
|
||||
|
||||
# prod
|
||||
# MGMT
|
||||
$UDPServerAddress 10.100.0.1
|
||||
$UDPServerRun 514
|
||||
# overflow
|
||||
$UDPServerAddress 10.103.0.1
|
||||
$UDPServerRun 514
|
||||
# video
|
||||
$UDPServerAddress 10.104.0.1
|
||||
$UDPServerRun 514
|
||||
|
||||
###########################
|
||||
#### GLOBAL DIRECTIVES ####
|
||||
|
|
@ -42,6 +59,33 @@ $Umask 0022
|
|||
#
|
||||
$WorkDirectory /var/spool/rsyslog
|
||||
|
||||
# now dump received logs
|
||||
# will be finicky to look but good for later analisys
|
||||
$template RemoteLoggers,"/opt/syslog/%hostname%/%programname%.log"
|
||||
|
||||
# template for hostapd (associations)
|
||||
$template RemoteHostapd,"/opt/syslog/hostapd/all-ap-hostapd.log"
|
||||
|
||||
# current testing vlans
|
||||
if $fromhost-ip startswith '10.200.' then ?RemoteLoggers
|
||||
if $fromhost-ip startswith '10.203.' then ?RemoteLoggers
|
||||
if $fromhost-ip startswith '10.204.' then ?RemoteLoggers
|
||||
|
||||
# prod vlans
|
||||
if $fromhost-ip startswith '10.100.' then ?RemoteLoggers
|
||||
if $fromhost-ip startswith '10.103.' then ?RemoteLoggers
|
||||
if $fromhost-ip startswith '10.104.' then ?RemoteLoggers
|
||||
|
||||
# current testing vlans (hostapd)
|
||||
if $programname == 'hostapd' and $fromhost-ip startswith '10.200.' then ?RemoteHostapd
|
||||
if $programname == 'hostapd' and $fromhost-ip startswith '10.203.' then ?RemoteHostapd
|
||||
if $programname == 'hostapd' and $fromhost-ip startswith '10.204.' then ?RemoteHostapd
|
||||
|
||||
# prod lans (hostapd)
|
||||
if $programname == 'hostapd' and $fromhost-ip startswith '10.100.' then ?RemoteHostapd
|
||||
if $programname == 'hostapd' and $fromhost-ip startswith '10.103.' then ?RemoteHostapd
|
||||
if $programname == 'hostapd' and $fromhost-ip startswith '10.104.' then ?RemoteHostapd
|
||||
|
||||
#
|
||||
# Include all config files in /etc/rsyslog.d/
|
||||
#
|
||||
|
|
|
|||
Loading…
Reference in New Issue