【Thecus N16000Pro】rSyslog

###   ps | grep rsyslog ###

# ps | grep rsyslog
11595 root      311m S    /raid/data/module/rSyslog/system/sbin/rsyslogd -x -c5

###   cat /raid/data/module/rSyslog/system/etc/rsyslog-user.conf   ###

##
## User configuration managed through the web UI
##
## Create a share or use an existing share and replace /PATH/TO/SHARE with the actual path
## to the share. If the share resides on the master RAID the path would be
## "/raid/data/SHARENMAME" with SHARENAME being the name of the share.
##
## !!! Avoid spaces in the share name !!!
##
## The following modules are pre-loaded from the main configuration file:
##
##     immark
##     imuxsock
##     imklog
##

### COMMENT OUT OR REMOVE THE LINE BELOW WHEN YOU FINISHED CONFIGURATION ###
#NotYetConfigured
if $source == 'TP-N16000PRO' and $syslogseverity <= '6' then /raid/data/log/messages
# Log anything (except mail) of level info or higher. Don't log private authentication messages!
#*.info;mail.none;authpriv.none;cron.none                -/raid/data/log/messages

# The authpriv file has restricted access.
authpriv.*                                               /raid/data/log/secure

# Log all the mail messages in one place.
mail.*                                                  -/raid/data/log/maillog

# Log cron stuff
cron.*                                                  -/raid/data/log/cron

## ######### Receiving Messages from Remote Hosts ##########
## TCP Syslog Server: provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514 # start up TCP listener at port 514

## UDP Syslog Server: provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514 # start a UDP syslog server at standard port 514
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
$RepeatedMsgReduction on
$AllowedSender UDP, 127.0.0.1, 10.90.90.245/32, 10.90.90.210/32, 192.168.90.254/32, 10.172.26.244/32, 192.168.14.252/32, 172.16.127.244/32, 10.211.0.88, 10.211.0.89, 10.211.0.250

$template tpe-asa5550,"/raid/data/syslog/tpe-asa5550/tpe-asa5550-%$YEAR%%$MONTH%%$DAY%.log"
if $fromhost-ip == '10.90.90.245' then -?tpe-asa5550

$template tpe-F800,"/raid/data/syslog/tpe-F800/tpe-F800-%$YEAR%%$MONTH%%$DAY%.log"
if $fromhost-ip == '10.90.90.210' then -?tpe-F800

$template tpe-E8500,"/raid/data/syslog/tpe-E8500/tpe-E8500-%$YEAR%%$MONTH%%$DAY%.log"
if $fromhost-ip == '192.168.90.254' then -?tpe-E8500

$template tpe-E2400,"/raid/data/syslog/tpe-E2400/tpe-E2400-%$YEAR%%$MONTH%%$DAY%.log"
if $fromhost-ip == '10.172.26.244' then -?tpe-E2400

$template tpe-014pix,"/raid/data/syslog/tpe-014pix/tpe-014pix-%$YEAR%%$MONTH%%$DAY%.log"
if $fromhost-ip == '192.168.14.252' then -?tpe-014pix

$template tpe-hqpix,"/raid/data/syslog/tpe-hqpix/tpe-hqpix-%$YEAR%%$MONTH%%$DAY%.log"
if $fromhost-ip == '172.16.127.244' then -?tpe-hqpix

$template tpe-4506-01,"/raid/data/syslog/tpe-4506-01/tpe-4506-01-%$YEAR%%$MONTH%%$DAY%.log"
if $fromhost-ip == '10.211.0.88' then -?tpe-4506-01

$template tpe-4506-02,"/raid/data/syslog/tpe-4506-02/tpe-4506-02-%$YEAR%%$MONTH%%$DAY%.log"
if $fromhost-ip == '10.211.0.89' then -?tpe-4506-02

$template tpe-7609,"/raid/data/syslog/tpe-7609/tpe-7609-%$YEAR%%$MONTH%%$DAY%.log"
if $fromhost-ip == '10.211.0.250' then -?tpe-7609