rSyslog in Ubuntu 11.4

5 pts.
Tags:
Cisco ASA
Ubuntu
I have enabled rsyslog on Ubuntu and have my firewall logs going to this system.  They are landing in the syslog file and I want them to go to a unique file such as /var/log/firewall.log.  I have entered the following line in the rsyslog.conf file, but it doesn't seem to have any affect. if $fromhost-ip isequal '192.168.223.1' then /var/log/192.168.223.1.log & ~ Does the config file care where I place that line?  I have placed it close to the top before the local rule definitions. Thanks!

Software/Hardware used:
ASA 5520, Ubuntu 11.04

Answer Wiki

Thanks. We'll let you know when a new response is added.

I think you should add this rule in front of all others :

:fromhost-ip, isequal, “192.168.223.1” /var/log/remotefile.log

Regards.

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following