In my system, syslog-ng receives messages via syslog udp, then moves them to the pipe and passes them to a python script. It is necessary to know: has each massage been analyzed or the pipe been overloaded? It seems to me that the best way is to number the messages placed in the pipe. Syslog-ng has an RCPTID that knows how to number messages, but does it globally for the entire server. That is, in the assignment I need, the numbers come with omissions: 456, 489, 503, etc.
I want to add a counter that will count the received messages separately for each destination, starting from 1 from the moment the daemon starts.
I have tried to use custom variables (example simplified to write file):
filter A { "${TC}" eq "NaN" };
rewrite tc_rw { set("0", value("TC") condition(filter(A))); set("$(+ ${TC} 1)", value("TC")); };
destination d_file { file("/mocs/misc/log-test.log" template("${HOST} ${TC} ${PROGRAM} ${MSG}\n")); };
log { source(s_udp); rewrite(tc_rw); destination(d_file); };
but no luck: in every message i get "NaN" for TC. Looks like TC resets to NaN on every incoming message.
it might be worth using @define global variables, but I can't change them in rewrite