Submit a ticketCall us

AnnouncementsAre You “Flying Blind?”

When it comes to your complex IT infrastructure, you want to ensure you have a good grasp of what’s going on to avoid any fire drills that result from guesswork. Read our white paper to learn how proactively monitoring your IT environment can help your organization while giving you peace of mind.

Get your free white paper.

Home > Success Center > Kiwi Syslog Server > Kiwi Syslog Server Documentation > Kiwi Syslog Server Getting Started Guide > Create rules to process messages > Log each message to a file based on the date and sending device

Log each message to a file based on the date and sending device

Table of contents
No headers
Kiwi Syslog Server Getting Started Home

Rules define what action Kiwi Syslog Server takes when it receives a message. This example creates a rule to log each message to a file. The log files are automatically split based on the current date and the IP address of the sending device. Kiwi Syslog Server writes a new log each day for each device.

This rule does not include any filters because the action is performed on all messages.

  1. Choose File > Setup to open the Kiwi Syslog Server Setup dialog box.

    The left pane displays existing rules.


  2. Right-click the Rules node and choose Add Rule.

    A new rule is added below the existing rules.


  3. Replace the default name with a descriptive name.


  4. Right-click the Actions node below the rule, and choose Add Action.

    A new action is added.


  5. Replace the default name with a descriptive name.


  6. In the Action menu at the top of the dialog, select Log to file.


  7. Change the default email file name. Use AutoSplit variables to create separate log files based on the date and the IP address of the sending device. For this example, the file name is IP_address - Syslog - YYYY-MM-DD.
    1. Place the cursor at the beginning of the file name (after \Logs\).
    2. Click Insert AutoSplit value and choose Host IP > IP Address (4 octets, 0 padded).
    3. Replace SyslogCatchAll with -Syslog. (Leave the AutoSplit date variable at the end.)

      An example of the actual path and file name is shown below the entry.


  8. Click Apply to save the action.

    Check marks indicate that the rule and action are enabled.


You can create schedules to automatically archive and retain these log files based on your company's retention policy.

Last modified