Hi,

 

I have the following filter configured;

 

source src_devenv01                    { udp(ip(0.0.0.0) port(514)); };

filter f_devenv01_04net              { netmask(10.22.209.0/24); };

destination d_devenv_04net      { file("/mnt/syslogng/p2alogs/DEVENV/04net-$HOST-$YEAR$MONTH$DAY.log"); };

log                                                    { source(src_devenv01); filter(f_devenv_04net); destination(d_devenv_04net); flags(final); };

 

However, the filter does not work, and the logs from this source all go to the generic logging destination.

 

I perform an strace and I can see that the IP appears as expected, so I’m figuring I have a syntax error somewhere;

 

[pid 28481] recvfrom(11, "<182>1 2016-08-03T10:27:50.645062-04:00 ::1 [[REDACTED]]..., 8192, 0, {sa_family=AF_INET, sin_port=htons(58785), sin_addr=inet_addr("10.22.209.10")}, [16]) = 265

 

Christian Turner