3.5.1. Using embedded log statements

Embedded log statements (see Section 2.2.2, “Embedded log statements” ) re-use the results of processing messages (e.g., the results of filtering or rewriting) to create complex log paths. Embedded log statements use the same syntax as regular log statements, but they cannot contain additional sources. To define embedded log statements, use the following syntax:

log {
    source(s1); source(s2); ... 
    
    optional_element(filter1|parser1|rewrite1); 
    optional_element(filter2|parser2|rewrite2);... 
    
    destination(d1); destination(d2); ... 
    
    #embedded log statement
    log
        {
        optional_element(filter1|parser1|rewrite1); 
        optional_element(filter2|parser2|rewrite2);... 
        destination(d1); destination(d2); ...
        #another embedded log statement
        log
        {
            optional_element(filter1|parser1|rewrite1); 
            optional_element(filter2|parser2|rewrite2);... 
            destination(d1); destination(d2); ...};
        };    
    #set flags after the embedded log statements
    flags(flag1[, flag2...]); 
        };

	Warning
	The `final`, `fallback`, and `catchall` flags apply only for the top-level log paths, they have no effect on embedded log paths.

Example 3.31. Using embedded log paths

	Example 3.31. Using embedded log paths
The following log path sends every message to the `d_file1` and the `d_file2` destinations. log { source(s_localhost); destination(d_file1); destination(d_file2); }; The next example is equivalent with the one above, but uses an embedded log statement. log { source(s_localhost); destination(d_file1); log {destination(d_file2); }; }; The following example sends every message coming from the host `192.168.1.1` into the `d_file1` destination, and sends every message coming from the host `192.168.1.1` and containing the string `example` into the `d_file2` destination. log { source(s_localhost); host(192.168.1.); destination(d_file1); log {message("example"); destination(d_file2); }; }; The following example collects logs from multiple source groups and uses the `source()` filter in the embedded log statement to select messages of the `s_network` source group. log { source(s_localhost); source(s_network); destination(d_file1); log {source(s_network); destination(d_file2); }; };

The following log path sends every message to the d_file1 and the d_file2 destinations.

log { source(s_localhost); destination(d_file1); destination(d_file2); };

The next example is equivalent with the one above, but uses an embedded log statement.

log { source(s_localhost); destination(d_file1); 
                    log {destination(d_file2); };
};

The following example sends every message coming from the host 192.168.1.1 into the d_file1 destination, and sends every message coming from the host 192.168.1.1 and containing the string example into the d_file2 destination.

log { source(s_localhost); host(192.168.1.); destination(d_file1); 
                    log {message("example"); destination(d_file2); };
};

The following example collects logs from multiple source groups and uses the source() filter in the embedded log statement to select messages of the s_network source group.

log { source(s_localhost); source(s_network); destination(d_file1); 
                    log {source(s_network); destination(d_file2); };
                    };

Prev	Up	Next
3.5. Log paths	Home \| Contents	3.5.2. Configuring flow-control

The syslog-ng 3.0 Administrator Guide

Document version: Thirteenth
Release date: September 23, 2010
Latest version available at the BalaBit Documentation Page