我是rsyslog中的新手,我能够从客户端到服务器获取日志。但是我需要按照日志的严重性(即INFO,ERROR,WARN)将其划分为此类]
尝试将此添加到服务器端的rsyslog.conf文件中
module(load="imuxsock") # provides support for local system logging
#module(load="immark") # provides --MARK-- message capability
# provides UDP syslog reception
module(load="imudp")
input(type="imudp" port="514")
# provides TCP syslog reception
module(load="imtcp")
input(type="imtcp" port="50514" ruleset="remote")
Ruleset (name="remote"){
# action (type="omfile" file="/var/log/jvh.log")
if $msg contains 'ERROR' then {
action (type="omfile" file="/var/log/jvhErr.log")
}else if $msg contains 'INFO' then {
action(type="omfile" file="/var/log/jvhInfo.log")
}else {
action(type="omfile" file ="/var/log/jvhOther.log")
}
}