centos 7.9
Trying to create a UDP rule in rsyslog for syslog 20(local4)
I have the udp lines uncommented.
Now I am just trying to set up the rule. Never had to before, so I probably have it wrong.
I have:
local4.syslog20 /var/log/cisco
Thanks
rsyslog rule creation
Re: rsyslog rule creation
As you are using CentOS 7.9 I will assume you are on rsyslog v8.24 so you can add this rule above the standard rules.
Code: Select all
if $syslogfacility-text == 'local4' then {
action(type="omfile"
name="cisco_logs"
file="/var/log/cisco.log"
)
stop
}
-
- Posts: 28
- Joined: 2016/10/06 20:12:33
Re: rsyslog rule creation
Thanks Larwood, I'll give this a try!