I have syslog-ng (v3.4.7) configured to catch almost all messages in their respective logs, but recently I've included some python scripts in crontab and their output just goes to messages or debug (depending on the error level).
Apr 7 22:00:02 hostname /python_script_1.py: Message from script #1
Apr 7 23:00:02 hostname /python_script_2.py: Message from script #2
Apr 8 00:00:01 hostname /python_script_1.py: Message from script #1
I'm trying to catch these messages and log them in their own log file (python.log
) and since the scripts have different names but the same extension, I thought about using the regex (\w+[.]py
) to identify all the python logs.
I'm using the following configuration for these logs in syslog-ng:
source s_system { system(); };
filter f_python { match("\w+[.]py" value("PROGRAM")); };
destination d_python { file("/var/log/python.log"); };
log { source(s_system); filter(f_python); destination(d_python); };
The problem is that they aren't being logged. I've tried both "PROGRAM"
and "MESSAGE"
values without luck. Any idea how to filter them?
Best Answer
Found the answer on another filter. The filter
program()
lets you use regexp inside, so to filter all python programs you could use eitheror
That way, our syslog-ng log line
will log all *.py files to the desired log file.