[prev in list] [next in list] [prev in thread] [next in thread]
List: syslog-ng
Subject: [syslog-ng] filtering logs from a file?
From: Steven Matkoski <matkoski () nysernet ! org>
Date: 2006-02-28 14:15:19
Message-ID: 6.2.3.4.2.20060228085131.0478c910 () ms ! nysernet ! org
[Download RAW message or body]
Hi,
I am using syslog-ng 1.6.5-2.2 on a Debian box in a chroot environment.
I have a default configuration except for gathering log messages from a
few routers, a pix, and vpn concentrator. I have the logs going into the files
I want, but the logs are also going into files I don't want. I
currently have all
the routers logging into a routers/ directory and the pix and vpn logging into
a security/ directory, but the pix and vpn are also logging into the router
directory which I would like to stop. I have tried a bunch of different filters
but nothing seems to work. Any help appreciated.
My configuration:
# router syslog
source s_syslogd { udp(ip(0.0.0.0) port(514)); };
# router syslog
destination d_router { file("/var/log/routers/$HOST"); };
destination d_security { file("/var/log/security/$HOST"); };
# router syslog
filter f_router {
not host(/<vpn ip>/)
or not host(/<pix ip>/);
};
filter f_security { host(<vpn ip>) or host(<pix ip>); };
# router.*
#log { source(s_syslogd); filter(f_router); destination(d_router); };
log { source(s_syslogd); destination(d_router); };
# firewall, vpn concentrtor
log { source(s_syslogd); filter(f_security); destination(d_security); };
thanks.
-s.
_______________________________________________
syslog-ng maillist - syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic