Hello
<br>Everything that is written by users on console (my system is gentoo) is logged in 3 different files (debug ,
syslog, messages) ...
<br>I'd like to route all history logs to one file only... <br>i made a filter and it works fine (it writes history to history.log) but still it writes it to those 3 files (debug ,
syslog, messages) as well ...<br>
so now everything I type is written to 4 files (debug ,
syslog, messages and history.log) ...<br><br>is there
possibility to configure syslog-ng to log history only to one file (for
example history.log) and leave others files clean?
<br>
<br>best regards<br>nichu<br><br>My standard configuration (with my modifiication to route history to history.log) looks like this:<br>
<br><br># Copyright 2005 Gentoo Foundation<br># Distributed under the terms of the GNU General Public License v2<br>#
$Header:
/var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.hardened,v
1.5 2007/10/30 17:16:15 solar Exp $<br>
<br>#<br># Syslog-ng configuration file, compatible with default hardened installations.<br>#<br><br>options {<br> chain_hostnames(off);<br> sync(0);<br> stats(43200);<br>};<br><br>source src { unix-stream("/dev/log"); internal(); };<br>
source kernsrc { file("/proc/kmsg"); };<br><br>destination authlog { file("/var/log/auth.log"); };<br>destination syslog { file("/var/log/syslog"); };<br>destination cron { file("/var/log/cron.log"); };<br>
destination daemon { file("/var/log/daemon.log"); };<br>destination kern { file("/var/log/kern.log"); file("/dev/tty12"); };<br>destination lpr { file("/var/log/lpr.log"); };<br>destination user { file("/var/log/user.log"); };<br>
destination uucp { file("/var/log/uucp.log"); };<br>destination mail { file("/var/log/mail/mail.log"); };<br><br>destination avc { file("/var/log/avc.log"); };<br>destination audit { file("/var/log/audit.log"); };<br>
destination pax { file("/var/log/pax.log"); };<br>destination grsec { file("/var/log/grsec.log"); };<br>destination historia { file("/var/log/history.log"); };<br><br>destination mailinfo { file("/var/log/mail/<a href="http://mail.info/">mail.info</a>"); };<br>
destination mailwarn { file("/var/log/mail/mail.warn"); };<br>destination mailerr { file("/var/log/mail/mail.err"); };<br><br>destination newscrit { file("/var/log/news/news.crit"); };<br>destination newserr { file("/var/log/news/news.err"); };<br>
destination newsnotice { file("/var/log/news/news.notice"); };<br><br>destination debug { file("/var/log/debug"); };<br>destination messages { file("/var/log/messages"); };<br>destination console { usertty("root"); };<br>
destination console_all { file("/dev/tty12"); };<br><br>destination xconsole { pipe("/dev/xconsole"); };<br><br>filter f_auth { facility(auth); };<br>filter f_authpriv { facility(auth, authpriv); };<br>
filter f_syslog { not facility(authpriv, mail); };<br>filter f_cron { facility(cron); };<br>filter f_daemon { facility(daemon); };<br>filter f_kern { facility(kern); };<br>filter f_lpr { facility(lpr); };<br>filter f_mail { facility(mail); };<br>
filter f_user { facility(user); };<br>filter f_uucp { facility(uucp); };<br>filter f_debug { not facility(auth, authpriv, news, mail); };<br>filter f_messages { level(info..warn)<br> and not facility(auth, authpriv, mail, news); };<br>
filter f_emergency { level(emerg); };<br><br>filter f_info { level(info); };<br><br>filter f_notice { level(notice); };<br>filter f_warn { level(warn); };<br>filter f_crit { level(crit); };<br>filter f_err { level(err); };<br>
<br>filter f_avc { match(".*avc: .*"); };<br>filter f_audit { match("^audit.*") and not match(".*avc: .*"); };<br>filter f_pax { match("^PAX:.*"); };<br>filter f_grsec { match("^grsec:.*"); };<br>
filter f_history { match(".*HISTORY*"); };<br><br>log { source(src); filter(f_authpriv); destination(authlog); };<br>log { source(src); filter(f_syslog); destination(syslog); };<br>log { source(src); filter(f_cron); destination(cron); };<br>
log { source(src); filter(f_daemon); destination(daemon); };<br>log { source(kernsrc); filter(f_kern); destination(kern); };<br>log { source(src); filter(f_lpr); destination(lpr); };<br>log { source(src); filter(f_mail); destination(mail); };<br>
log { source(src); filter(f_user); destination(user); };<br>log { source(src); filter(f_history); destination(history); };<br>log { source(src); filter(f_mail); filter(f_info); destination(mailinfo); };<br>log { source(src); filter(f_mail); filter(f_warn); destination(mailwarn); };<br>
log { source(src); filter(f_mail); filter(f_err); destination(mailerr); };<br>log { source(src); filter(f_debug); destination(debug); };<br>log { source(src); filter(f_messages); destination(messages); };<br>log { source(src); filter(f_emergency); destination(console); };