我正在将所有日志(包括python程序)转储到一个特定文件中。来自内核的日志太多,因此我想忽略某个级别的日志。是否可以使用syslog-ng配置文件仅忽略notice
和warning
级内核。以下是我当前的syslog-ng配置文件
@version: 3.5
# First, set some global options.
options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no);
owner("root"); group("adm"); perm(0640); stats_freq(0);
bad_hostname("^gconfd$");
};
# This is the default behavior of sysklogd package
# Logs may come from unix stream, but not from another machine.
#
source s_src { unix-dgram("/dev/log"); internal();
file("/proc/kmsg" program_override("kernel"));
};
template t_noHeader {
template("\"time\":\"$DATE\",\"level\":\"$LEVEL\",\"log\":[\"$PROGRAM\",\"$MSG\"],\n");
template_escape(no);
};
rewrite r_MSG{
subst("\"", "", value("MESSAGE"), flags(global));
subst("\'", "", value("MESSAGE"), flags(global));
subst("\t", "", value("MESSAGE"), flags(global));
};
rewrite r_SetKernel{
set("Knl", value(PROGRAM), condition(program("kernel")));
};
destination d_console_all { file("/dev/tty10"); };
destination d_xconsole { pipe("/dev/xconsole"); };
destination d_MyProg {
file("/home/root/logs/Prog-${YEAR}${MONTH}${DAY}.log" template(t_noHeader) ); };
filter f_console { level(warn .. emerg); };
filter f_syslog3 { not facility(auth, authpriv, mail); };
filter f_ignoreProg { not match("avahi-daemon" value(PROGRAM)) and not
match("neard" value(PROGRAM)) and not match("crond" value(PROGRAM)) and
not match("ofonod" value(PROGRAM)); };
log { source(s_src); filter(f_auth); destination(d_auth); };
log { source(s_src); filter(f_console); destination(d_console_all); destination(d_xconsole); };
log { source(s_src); filter(f_crit); destination(d_console); };
log { source(s_src); rewrite(r_MSG); rewrite(r_SetKernel);
filter(f_syslog3); filter(f_ignoreProg); destination(d_MyProg); };