Hi,
I'm sure this is really easy once you know how to do it :-)
My syslog is filling up with DHCP lease statements from dnsmasq, and I would like to move all these messages to a separate log.
It looks really easy according to rsyslog configuration, but I just can't get it to work the way it should.
The messages I would like to filter look like the following:
Code:
Jan 3 20:10:07 Majestix dnsmasq-dhcp[6614]: DHCPREQUEST(bond0) 192.168.1.81 10:68:ff:ff:ff:ff
Jan 3 20:10:07 Majestix dnsmasq-dhcp[6614]: DHCPACK(bond0) 192.168.1.81 10:ff:3f:ff:ff:ff Nexus4
Jan 3 20:10:32 Majestix dnsmasq-dhcp[6614]: DHCPREQUEST(bond0) 192.168.1.93 70:de:ff:ff:ff:04
Jan 3 20:10:32 Majestix dnsmasq-dhcp[6614]: DHCPACK(bond0) 192.168.1.93 70:ff:ff:ff:ff:04 iPad-AF
(yes, out of general paranoia I have butchered the MAC addresses slightly
)
What I've tried in the config is a plethora of variations over this theme:
Code:
if $programname == 'dnsmasq-dhcp' and $syslogseverity <= '6' then /var/log/dnsdhcp.log
#if $programname == 'dnsmasq-dhcp' and $syslogseverity <= '6' then ~
But nothing happens in dnsdhcp.log and everything still comes into /var/log/messages..
Anyone care to give me a hint to where I'm heading in the wrong direction?
-y1
