Hey guys, I have a couple questions...
1. Is it possible to send 3rd party application logs like webmin.log to a remote logging server using syslog or syslog-ng if that 3rd party software doesn't officially support syslog messages?
2. I have the client using regular syslog and the server using syslog-ng with the following config, which works for sending firewall logs to firewall.log.
Code:
source sf_source { udp (); };
destination df_destination { file("/var/log/$HOST/firewall.log"); };
filter f_firewall { host( "192.168.127.131" ) and match(".*kernel.*(INBOUND|OUTBOUND)"); };
log { source ( sf_source ); filter( f_firewall ); destination ( df_destination ); };
However, firewall logs are the only logs I'm getting from that host. What's the easiest way to also get all other system logs to the same /var/log/$HOST folder with the appropriate log name such as auth.log, messages, mail.log, etc.?
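
One way to get per-facility files under the same /var/log/$HOST directory, shown as an added example that is not part of the original post. It keeps the poster's source and firewall filter; the other filter and destination names, the create_dirs(yes) option and the choice of facilities are assumptions.

```conf
# Added example, not the poster's configuration. f_auth, f_mail, f_messages,
# d_auth, d_mail and d_messages are illustrative names.

source sf_source { udp(); };

# Poster's firewall rule. create_dirs(yes) is added so that the per-host
# directory is created on first write.
filter f_firewall {
    host("192.168.127.131") and match(".*kernel.*(INBOUND|OUTBOUND)");
};
destination df_destination {
    file("/var/log/$HOST/firewall.log" create_dirs(yes));
};
log { source(sf_source); filter(f_firewall); destination(df_destination); };

# A message is written only if some log{} path accepts it. With a single
# path guarded by f_firewall, everything else from the host is dropped,
# so each additional file needs its own filter, destination and log{} path.
filter f_auth { facility(auth, authpriv); };
filter f_mail { facility(mail); };
filter f_messages {
    level(info, notice, warn)
    and not facility(auth, authpriv, mail)
    and not filter(f_firewall);   # keep firewall lines out of "messages"
};

destination d_auth     { file("/var/log/$HOST/auth.log" create_dirs(yes)); };
destination d_mail     { file("/var/log/$HOST/mail.log" create_dirs(yes)); };
destination d_messages { file("/var/log/$HOST/messages" create_dirs(yes)); };

log { source(sf_source); filter(f_auth);     destination(d_auth); };
log { source(sf_source); filter(f_mail);     destination(d_mail); };
log { source(sf_source); filter(f_messages); destination(d_messages); };

# Assumption about the client: its /etc/syslog.conf must forward these
# facilities as well, not only kern.*, for example:
#   *.*    @<address-of-this-log-server>
```

The new filters do not restrict by host(), so any sender that reaches the UDP source gets its own /var/log/$HOST directory; add a host() condition to each filter to limit them to the one client.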