[syslog-ng] Odd problem after upgrading from 2.1 to 3
Siem Korteweg
Siem.Korteweg at qnh.nl
Sun Jan 17 22:03:44 CET 2010
Jerry,
from the admin manual:
Message filtering, parsing, and rewriting is performed in the order that the
operations appear in the log statement.
So, change the order in your log-statements to:
log { source(NET); filter(A); destination(A); };
Also change your second filter statement to filter for host B.
regards,
Siem Korteweg
-----Oorspronkelijk bericht-----
Van: syslog-ng-bounces at lists.balabit.hu namens Jerry Bell
Verzonden: zo 17-1-2010 15:26
Aan: syslog-ng at lists.balabit.hu
Onderwerp: [syslog-ng] Odd problem after upgrading from 2.1 to 3
This config worked in syslog-ng 2.1
source NET {udp(port(514)); tcp(port(5140) keep-alive(yes));};
destination A { file("/var/log/A"); };
destination B { file("/var/log/B"); };
filter A { host ("A");};
filter A { host ("A");};
log { source(NET); destination(A); filter(A); };
log { source(NET); destination(B); filter(B); };
worked as expected that is log messages coming from host A went to
/var/log/A file
and log messages coming from host B went to /var/log/B.
The two hostnames are resolved locally in /etc/hosts
After upgrading to 3.0.x all the messages duplicated in both files so
that messages coming from A are written in /var/log/A AND /var/log/B and
vice-versa. Any idea why it does not work in 3?
Thank you,
Jerry
_____________________________________________________________________________
_
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation:
http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.campin.net/syslog-ng/faq.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/ms-tnef
Size: 3274 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/syslog-ng/attachments/20100117/9b3906f2/attachment.bin
More information about the syslog-ng
mailing list