{"id":1232,"date":"2018-06-26T10:39:19","date_gmt":"2018-06-26T05:39:19","guid":{"rendered":"http:\/\/alexeyka.zantsev.com\/?p=1232"},"modified":"2018-06-26T10:48:41","modified_gmt":"2018-06-26T05:48:41","slug":"rsyslog-do-not-collect-logs-from-some-application","status":"publish","type":"post","link":"https:\/\/alexeyka.zantsev.com\/?p=1232","title":{"rendered":"rsyslog: do not collect logs from some application"},"content":{"rendered":"<p>If there&#8217;s no settings in the application itself, you can configure rsyslog not to write apps logs.<\/p>\n<p>CentOS 6.6, rsyslog 5.8.10-10.el6_6:<br \/>\nAsterisk is configured to write logs to remote syslog server (syslog02.core) but still writes not only there but also locally.<br \/>\nTo prevent this:<br \/>\ncreate &#8216;\/etc\/rsyslog.d\/10-asterisk.conf&#8217; with lines<br \/>\n<code><br \/>\n:syslogtag, contains, \"asterisk\" @syslog02.core<br \/>\n& stop<br \/>\n<\/code><\/p>\n<p>Debian 9.4 Stretch, rsyslog 8.24.0-1:<br \/>\nAsterisk is nt configured to write to remote syslog, but also writes everything to local rsyslog.<br \/>\nCreate &#8216;\/etc\/rsyslog.d\/10-asterisk.conf&#8217;:<br \/>\n<code><br \/>\nif $programname == \"asterisk\" then {<br \/>\n    stop<br \/>\n}<br \/>\n<\/code><\/p>\n<p><a href=\"https:\/\/www.rsyslog.com\/doc\/v8-stable\/configuration\/filters.html\" rel=\"noopener\" target=\"_blank\">https:\/\/www.rsyslog.com\/doc\/v8-stable\/configuration\/filters.html<\/a><br \/>\n<a href=\"https:\/\/www.rsyslog.com\/discarding-unwanted-messages\/\" rel=\"noopener\" target=\"_blank\">https:\/\/www.rsyslog.com\/discarding-unwanted-messages\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>If there&#8217;s no settings in the application itself, you can configure rsyslog not to write apps logs. CentOS 6.6, rsyslog 5.8.10-10.el6_6: Asterisk is configured to write logs to remote syslog server (syslog02.core) but still writes not only there but also locally. To prevent this: create &#8216;\/etc\/rsyslog.d\/10-asterisk.conf&#8217; with lines :syslogtag, contains, &#8220;asterisk&#8221; @syslog02.core &#038; stop Debian [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[240],"class_list":["post-1232","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-rsyslog"],"_links":{"self":[{"href":"https:\/\/alexeyka.zantsev.com\/index.php?rest_route=\/wp\/v2\/posts\/1232","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/alexeyka.zantsev.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/alexeyka.zantsev.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/alexeyka.zantsev.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/alexeyka.zantsev.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1232"}],"version-history":[{"count":3,"href":"https:\/\/alexeyka.zantsev.com\/index.php?rest_route=\/wp\/v2\/posts\/1232\/revisions"}],"predecessor-version":[{"id":1235,"href":"https:\/\/alexeyka.zantsev.com\/index.php?rest_route=\/wp\/v2\/posts\/1232\/revisions\/1235"}],"wp:attachment":[{"href":"https:\/\/alexeyka.zantsev.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1232"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/alexeyka.zantsev.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1232"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/alexeyka.zantsev.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1232"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}