rSyslog in Ubuntu 11.4

5 pts.
Tags:
Cisco ASA
Ubuntu
I have enabled rsyslog on Ubuntu and have my firewall logs going to this system.  They are landing in the syslog file and I want them to go to a unique file such as /var/log/firewall.log.  I have entered the following line in the rsyslog.conf file, but it doesn't seem to have any affect. if $fromhost-ip isequal '192.168.223.1' then /var/log/192.168.223.1.log & ~ Does the config file care where I place that line?  I have placed it close to the top before the local rule definitions. Thanks!

Software/Hardware used:
ASA 5520, Ubuntu 11.04

Answer Wiki

Thanks. We'll let you know when a new response is added.

I think you should add this rule in front of all others :

:fromhost-ip, isequal, “192.168.223.1” /var/log/remotefile.log

Regards.

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: