There are multiple vhosts are running on apache 2.2.22(Ubuntu 12.04), i want to send each vhost error logs to separate rsyslog file, Following are configuration
Apache Vhost
<VirtualHost *:80>
php_value auto_prepend_file sdemoqa.php
DocumentRoot /home/www//demoqa
ServerName sdemoqa.xyz.com
ErrorLog "syslog:local1"
CustomLog /var/log/apache/sdemoqa-access.log combined
RewriteEngine on
Include /nas/wow.conf
Include /nas/auth.conf
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /home/www/demoqa/hearing
ServerName shdemoqa.xyz.com
# ErrorLog /var/log/apache/hdemoqa-error.log
ErrorLog "syslog:local2"
CustomLog /var/log/apache/shdemoqa-access.log combined
</VirtualHost>
Syslog config /etc/rsyslog.d/50-default.conf
#Mod Security Logs
local1.* /var/log/apache2/modsec/sdemoqa.log
local2.* /var/log/apache2/modsec/shdemoqa.log
But all vhosts error are redirect to first entry of syslog mentioned in apache configs. I mean both vhosts error logs are going to "local1.* /var/log/apache2/modsec/sdemoqa.log"
Thanks infosec.pk
The
syslog
location for the logging directives is only available for theErrorLog
directive and the log facility is global. Whichever is last defined is the facility that will be used for allsyslog
logging locations.As suggested log piping is the best way to achieve what you described is what has already been mentioned with log piping. This is unfortunate because you lose the ability to distinguish priority.
Additionally, the other answers suggest logger is located at
/bin/logger
on my installation of Ubuntu 12.04 it is actually located at/usr/bin/logger
I piped both
VirtualHost
declarations on the assumption that you would like the defaultErrorLog
directive to also go tosyslog
in yet another location.