[syslog-ng] Log all msgs but a specific filter

Thu Jan 21 22:33:45 CET 2010

You can also use the flags(final) tag in your log statement to prevent
matched logs from also being written to any log statements below it. Put it
in your 'specifically filtered' log statement, defined *above* your 'main'
log statement.

log {
source(s_all);
filter(f_specific_filter);
destination(d_specific_log);
flags(final);
}

log {
source(s_all);
destination(d_everything_else);
}

On Thu, Jan 21, 2010 at 12:58 PM, Siem Korteweg <Siem.Korteweg at qnh.nl>wrote:

> Paul,
>
> use the keyword "not" in your filter:
>
> filter notmail { not facility(mail); }
>
> regards,
> Siem
>
> -----Oorspronkelijk bericht-----
> Van: syslog-ng-bounces at lists.balabit.hu namens PAUL WILLIAMSON
> Verzonden: do 21-1-2010 21:48
> Aan: syslog-ng at lists.balabit.hu
> Onderwerp: [syslog-ng] Log all msgs but a specific filter
>
> I need to log all messages except for a specific filter.  I have the filter
> defined
> and these messages are getting logged to a separate file.  However, I have
> one
> "main" log file where I do all my other processing.  How can I include that
> filter in my destination so that it drops those specific messages from
> getting
> logged?
>
> Thanks,
> Paul
>
> ______________________________________________________________________
> This email has been scanned by the MessageLabs Email Security System.
> For more information please visit http://www.messagelabs.com/email
> ______________________________________________________________________
>
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.campin.net/syslog-ng/faq.html
>
>
>

-- 
Lance Laursen
Demonware Systems Engineer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20100121/021182c0/attachment.htm 