Register

Forgot Password

Site FAQ

Home > IT Answers > Security > rSyslog in Ubuntu 11.4

Kevin2836

5 pts.

rSyslog in Ubuntu 11.4

Cisco ASA, Cisco ASA 5520, rSyslog, Ubuntu

I have enabled rsyslog on Ubuntu and have my firewall logs going to this system. They are landing in the syslog file and I want them to go to a unique file such as /var/log/firewall.log. I have entered the following line in the rsyslog.conf file, but it doesn't seem to have any affect. if $fromhost-ip isequal '192.168.223.1' then /var/log/192.168.223.1.log & ~ Does the config file care where I place that line? I have placed it close to the top before the local rule definitions. Thanks!

Software/Hardware used:
ASA 5520, Ubuntu 11.04

ASKED: June 1, 2011 10:51 PM

UPDATED: June 2, 2011 2:59 PM

RELATED QUESTIONS

Answer Wiki:

I think you should add this rule in front of all others : :fromhost-ip, isequal, "192.168.223.1" /var/log/remotefile.log Regards.

Last Wiki Answer Submitted: June 2, 2011 2:59 pm by Mariodlg

2,790 pts.

All Answer Wiki Contributors: Mariodlg

2,790 pts.

To see all answers submitted to the Answer Wiki: View Answer History.

RSS - Discussions Help

Discuss This Question:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

Ask a Question

Browse IT Answers by Topic

>>VIEW ALL TAGS

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags