<div dir="ltr">Hi,<br><br>I have install syslog-ng on my remote server. I need to centralized my pflog (firewall log) and snort alert to the syslog server. For your info i have successfully log all log except the pflog and snort alert. I have define the snort alert as <a href="http://local0.info">local0.info</a> and pflog as <a href="http://local1.info">local1.info</a>. Can you all give me the sample of configuration?<br>
<br>I have tcpdump for and grep the <a href="http://local1.info">local1.info</a> and <a href="http://local0.info">local0.info</a> and its show on console. I'm confuse why the system not write to destination that i specify.<br>
<br>Below is some configuration that i do on syslog-ng.conf (destination):<br>destination local0 { file("/var/log/remote/local0.log"); };<br>destination local1 { file("/var/log/remote/local1.log"); };<br>
<br>TQ<br><br><br><br clear="all"><br>-- <br>MUHAMMAD AZIZUL DARUS<br><a href="http://www.foodmalaysia.net">http://www.foodmalaysia.net</a><br><a href="http://www.myfelis.com">http://www.myfelis.com</a><br><a href="http://yourubuntulinux.blogspot.com">http://yourubuntulinux.blogspot.com</a><br>
<a href="http://opensource-2u.blogspot.com">http://opensource-2u.blogspot.com</a><br><a href="http://photograph2u.blogspot.com">http://photograph2u.blogspot.com</a><br><a href="http://malaysiataste.blogspot.com">http://malaysiataste.blogspot.com</a><br>
<a href="http://jomshopping.blogspot.com">http://jomshopping.blogspot.com</a><br><a href="http://jahitan-manik.blogspot.com">http://jahitan-manik.blogspot.com</a><br><a href="http://nissan-maniac.blogspot.com">http://nissan-maniac.blogspot.com</a><br>
<a href="http://narutoslash.blogspot.com/">http://narutoslash.blogspot.com/</a><br>
</div>