rsyslog 读取文件名 rsyslog 读取文件名: property(name="$!metadata!filename")
来源:互联网 发布:士族知乎 编辑:程序博客网 时间:2024/06/08 04:48
rsyslog 读取文件名:[root@node01 log]# cat /etc/rsyslog.confmodule(load="imfile")#template(name="remote" type="string" string="%msg%\n")template(name="remote" type="list") { constant(value="<") property(name="pri") constant(value=">") property(name="timestamp" dateFormat="rfc3339") constant(value=" ") property(name="hostname") constant(value=" ") property(name="syslogtag" position.from="1" position.to="32") property(name="msg" spifno1stsp="on" ) property(name="msg") constant(value=",") property(name="$!metadata!filename") }input ( type="imfile" File="/root/log/a2.log" Tag="testlog02" PersistStateInterval="10" reopenOnTruncate="on" Severity="info" Facility="local5" ruleset="chat" addMetadata ="on")ruleset (name="chat"){ action(type="omfwd" Target="192.168.137.3" Port="514" Protocol="tcp" template="remote")}$EscapeControlCharactersOnReceive off##%msg:2:$%为去掉日志开头的空格$template tocFormat,"%fromhost-ip%%$!metadata!filename%,%msg%\n"#$template xd-app-10.4.32.5,"/data01/tlxd/xd-app.-%$year%-%$month%-%$day%"#:fromhost-ip, isequal, "10.4.32.5" -?xd-app-10.4.32.5######weblogic 交易日志##################################################################################$template testlog01,"/data01/%fromhost-ip%/%syslogtag%.%$year%-%$month%-%$day%":syslogtag,isequal,"testlog01" -?testlog01;tocFormat$template testlog02,"/data01/%fromhost-ip%/%syslogtag%.%$year%-%$month%-%$day%":syslogtag,isequal,"testlog02" -?testlog02;tocFormat#$template "%$!metadata!filename%","/data01/%fromhost-ip%/%syslogtag%.%$year%-%$month%-%$day%"#:rawmsg,contains,"%$!metadata!filename%" -?"%$!metadata!filename%";tocFormat测试:[root@node01 log]# echo "aaaaaaaaaaccccccccccc" >>a2.log [root@node01 log]# node2:/data01/192.168.137.2#cat testlog02.2017-07-14 192.168.137.2, aaaaaaaaaa,/root/log/a2.log192.168.137.2, aaaaaaaaaaccccccccccc,/root/log/a2.lognode2:/data01/192.168.137.2#阅读全文
0 0
- rsyslog 读取文件名 rsyslog 读取文件名: property(name="$!metadata!filename")
- rsyslog 读取单个文件测试
- rsyslog
- rsyslog
- rsyslog
- Rsyslog
- rsyslog
- rsyslog
- rsyslog
- rsyslog
- rsyslog
- rsyslog 解决日志截断不读取问题
- FILE NAME(filename)文件名的理解
- JAVA读取文件名
- JAVA读取文件名二
- java输入输出---读取文件名
- 文件名有规则情况读取
- rsyslog - filter by program name
- xml与Html兄弟情深
- glide__BitmapPool
- MYSQL数学函数
- JAVA设计模式之工厂模式(简单工厂模式+工厂方法模式+抽象工厂模式)
- TCP/IP,HTTP总结
- rsyslog 读取文件名 rsyslog 读取文件名: property(name="$!metadata!filename")
- centos 7配置JDK
- Linux内核Ramdisk(initrd)机制
- python基础学习-There's an error in your program:expected an indented block错误解决
- hrbust 2326 Blind Father (单调栈)
- 浏览器兼容问题详解
- php加盐加密
- 定时删除项目upload目录下的所有不需要的文件以及目录(保留upload目录)
- 浅尝Hessian远程调用
