> the logs of a number of them. Knowing the Exim id of the message on each
> of those servers allows me to seamlessly and accurately track a message as
> it moves around, rather than just relying on matching
> senders/dates/subjects/etc. Given that identifier, I suppose the progress
> of a message could be be programmatically discovered assuming all the logs
> are available, although I've never felt a great need to write something to
> do that.
exim4.conf :
log_file_path = : syslog
syslog_timestamp = no
then use syslog-ng + tcp to get all your logs on one box,
in both versions : all mixed and all separate.
very easy to work with this kind of input. :
client :
filter f_all { level(debug .. emerg);};
destination syslogserver { tcp ("myserver");};
log { source(src); filter(f_all); destination(syslogserver);};
syslog-ng server :
source src { unix-dgram("/dev/log"); internal(); file("/proc/kmsg"); udp(); tcp(max-connections(100));};
destination hosts { file("/var/log/servers/$HOST/$YEAR/$MONTH/$DAY/$FACILITY_$HOST_$YEAR_$MONTH_$DAY"
owner(root) group(adm) perm(0640) dir_owner(root) dir_group(adm) dir_perm(0750) create_dirs(yes)); };
destination hosts_dall { file("/var/log/servers/$HOST/$YEAR/$MONTH/$DAY/all_$HOST_$YEAR_$MONTH_$DAY"
owner(root) group(adm) perm(0640) dir_owner(root) dir_group(adm) dir_perm(0750) create_dirs(yes)); };
destination hosts_all { file("/var/log/servers/$HOST/all_$HOST"
owner(root) group(adm) perm(0640) dir_owner(root) dir_group(adm) dir_perm(0750) create_dirs(yes)); };
destination alllog { file("/var/log/all.log" owner("root") group("adm") perm(0640)); };
filter f_all { level(debug .. emerg);};
log { source(src); filter(f_all); destination(alllog); };
i also have automatic logrotate entries if you're interested.
--
xavier
