Documentation forKiwi Syslog Server NG

Log each message to a file based on the date and sending device

Rules define what action Kiwi Syslog Server takes when it receives a message. This example creates a rule to log each message to a file. The log files are automatically split based on the current date and the IP address of the sending device. Kiwi Syslog Server writes a new log each day for each device.

This rule does not include any filters because the action is performed on all messages.

  1. Choose File > Setup to open the Kiwi Syslog Server Setup dialog box.

    The left pane displays existing rules.

  2. Right-click Rules and choose Add Rule.

    A new rule is added below the existing rules.

  3. Replace the default name with a descriptive name.

  4. Right-click Actions below the rule, and choose Add Action.

    A new action is added.

  5. Replace the default name with a descriptive name.

  6. In the Action menu at the top of the dialog, select Log to file.

  7. Change the default email file name. Use AutoSplit variables, selected from the Insert AutoSplit value menu, to create separate log files based on the date and the IP address of the sending device. For this example, the file name is IP_address - Syslog - YYYY-MM-DD.
    1. Place the cursor at the beginning of the file name (after \Logs\).
    2. Click Insert AutoSplit value and choose Host IP > IP Address (4 octets, 0 padded).
    3. Replace SyslogCatchAll with -Syslog. Leave the AutoSplit date variable at the end.

      An example of the actual path and file name is shown below the entry.

  8. Click Apply to save the action.

    Check marks indicate that the rule and action are enabled.

You can create schedules to automatically archive and retain these log files based on your company's retention policy.