[prev in list] [next in list] [prev in thread] [next in thread]
List: syslog-ng
Subject: Re: [syslog-ng] program destination problem (again...)
From: Balazs Scheidler <bazsi () balabit ! hu>
Date: 2009-08-18 17:56:06
Message-ID: 1250618166.7359.3.camel () bzorp ! balabit
[Download RAW message or body]
On Thu, 2009-08-13 at 00:26 -0600, Alberto Sierra wrote:
> hi there,
>
> i know this is been discussed like a million times already but i'm
> stuck and can't get around this.
>
> i'm using a program destination in my syslog-ng config, like this:
> destination test_log { file("/var/log/testlog"); };
> destination sshd_alerts {
> program("/usr/local/bin/ssh_alert_by_email.sh" template("$DATE $HOST
> $PROGRAM $MSGONLY")); };
try including an end-of-line in your template, since otherwise your
script will wait for it.
template("$DATE $HOST $PROGRAM $MSGONLY\n")
note the last "\n" in the template.
>
> filter sshd { program("sshd"); };
> filter login_accepted { match("Accepted password|Accepted publickey"); };
>
>
> log {
> source(s_all);
> filter(sshd);
> filter(login_accepted);
> destination(sshd_alerts);
> destination(test_log);
> };
>
> and the script as follows:
>
> #!/bin/bash
> while read line ; do
> echo $line >> /tmp/testlog
> done
>
> that's it, it logs to the destination(test_log) but the script does nothing.
>
> i followed a similar thread:
> https://lists.balabit.hu/pipermail/syslog-ng/2008-March/011512.html
>
> and the script works well interactively in the shell. I think i hit a
> dead end here... btw version 2.0.9
>
--
Bazsi
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.campin.net/syslog-ng/faq.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic