Sorting Syslog alarms by IP/Machine name
So I just set up my syslog to receive remote alerts. My plan is to have 6 or 7 firewalls dumping their syslog info to a centralized machine. My question is this: is there a way to sort the incoming messages by anything other than facility, such as IP or machine name? Sorting by facility would be fine if there were more than 7, and if I could change the facility that the firewalls are writing to, but alas I cannot.
Is there a 3rd party syslog that would accomplish this?
This is the stock syslog on Red Hat 9.0, FYI.