From owner-freebsd-hackers Wed Feb 19 23:20:36 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id XAA24783 for hackers-outgoing; Wed, 19 Feb 1997 23:20:36 -0800 (PST) Received: from bunyip.cc.uq.edu.au (daemon@bunyip.cc.uq.edu.au [130.102.2.1]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id XAA24565 for ; Wed, 19 Feb 1997 23:17:19 -0800 (PST) Received: (from daemon@localhost) by bunyip.cc.uq.edu.au (8.8.5/8.8.5) id RAA20841; Thu, 20 Feb 1997 17:10:22 +1000 Received: by ogre.devetir.qld.gov.au (8.7.5/DEVETIR-E0.3a) id RAA08383; Thu, 20 Feb 1997 17:13:17 +1000 (EST) Date: Thu, 20 Feb 1997 17:13:17 +1000 (EST) From: Stephen McKay Message-Id: <199702200713.RAA08383@ogre.devetir.qld.gov.au> To: Andre Albsmeier cc: freebsd-hackers@freebsd.org, syssgm@devetir.qld.gov.au Subject: Re: License to kill annoying syslog feature? X-Newsreader: NN version 6.5.0 #1 (NOV) Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Andre Albsmeier wrote: >I am very happy with the IRIX 5.3 syslog. It supports the syntax > >*.debug;kern.none;user.none |/var/syslog/log-filter /var/syslog/all > >which pipes all messages through /var/syslog/log-filter and this script >decides what to do with them. So I get my squid, socks, slip, etc. logs >all in different files and can for example ignore some messages with >the same level and priority depending on the process that sends them. Shouldn't we add better log filtering to syslogd instead? Its function should be to accept messages, discard unnecessary ones, and log the required ones to the appropriate log files. If it is not up to this task, and we add a shell filter escape, isn't that the same thing as saying that syslogd is bogus and useless? Add some new syntax supporting arbitrary regular expressions. That should be enough for everyone. Stephen.