<div>Hi all</div>
<div> </div>
<div>I have a question, or rather a problem</div>
<div> </div>
<div>I've written a filter to trap entries from our BIND host that sends the output to /de/null (see below)</div>
<div> </div>
<div>I can send the match to any file or to /dev/null but syslog-ng is still seeing the entry from the host and is logging it to "destination d_mysql "</div>
<div> </div>
<div>I just need to filter out the match so it never reaches "destination d_mysql"</div>
<div> </div>
<div>Can anyone offer any advice ?</div>
<div> </div>
<div> </div>
<div> </div>
<div> </div>
<div> </div>
<div>my syslog-ng file below....</div>
<div>--------------------------------------</div>
<div> </div>
<div>
<div>options {<br> long_hostnames(off);<br> sync(0);<br> stats(43200);<br> dns_cache(yes);<br> use_fqdn(no);<br> keep_hostname(yes);<br> use_dns(yes);<br>};</div>
<div> </div>
<div>source shell { internal(); unix-stream("/dev/log"); udp(ip(<a href="http://my.syslog-ng.host.com">my.syslog-ng.host.com</a>)); };</div>
<div> </div>
<div>destination err-update-dns { file("/dev/null"); };<br>filter err-update-dns { match("(<a href="http://59.167.232.229">59.167.232.229</a>)"); };<br>log {source(shell); filter(err-update-dns); destination(err-update-dns); };
</div>
<div> </div>
<div>
<div>destination d_mysql {<br> pipe("/tmp/mysql.pipe"<br> template("INSERT INTO logs (host, facility, priority, level, tag, date, time, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY', '$HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n") template-escape(yes)); };
<br> log { source(shell); destination(d_mysql); };</div>
<div><br> </div></div></div>