Search This Blog

Loading...

Tuesday, 8 January 2013

Separate MongoDB Syslog by Facility

In my last post, I showed how you can set up MongoDB v2.2 to syslog its logs off to a remote syslog server. As my `tcpdump` snippets show, the syslog messages hit the syslog server tagged as "user.info", which means that they're assigned to the "user" facility with a severity level of "info".

I've received a few questions regarding the possiblity of splitting out syslog messages by facility, however, as everything is currently sent to a "user.info" bucket, so-to-speak, this is not possibility. There is a current feature request for this capability and work will be done on this but if this is important for you, I'd strongly encourage you to vote for this feature.

In the meantime, however, (whilst not ideal) you can still do some host filtering with rsyslog as outlined here.

2 comments:

  1. 'with a warning level of "info".'

    It's severity level, not warning. Warning is one of the levels:
    http://tools.ietf.org/html/rfc5424#page-11
    http://en.wikipedia.org/wiki/Syslog#Severity_levels

    ReplyDelete
  2. @MO yeah, my bad - I meant to type "severity" and was actually looking at the severity levels in the RFC and "warning" (another "severity" level obviously stuck in my head) :( Thanks for the catch.

    ReplyDelete