It's not necessarily dangerous, but it is better to sanitize the untrusted components of the filename, for instance with the $(sanitize) template function. This may or may not be available with PE 4.0.5 that you are using.

On Mon, Mar 2, 2020 at 5:38 PM Pal, Laszlo <vlad@vlad.hu> wrote:
Thank you Bazsi,
This is really strange... only this client is affected and not the other server, which is also running RHEL5 + PE4. Right now I'm investigating the issue that caused a several-hour outage, and I suspect this behavior can be related to a CPU spike that caused the whole machine to freeze. Is this possible?
I think I figured out why this happened :)
For this specific log source, I'm using a different destination like this:
"/var/log/netlog/app/${HOST}/${PROGRAM}/${YEAR}/${MONTH}/${HOST}-${YEAR}${MONTH}${DAY}.log"
I suppose sometimes $PROGRAM is either empty or contains strings which can cause these *Spurious path* issues... Can we say that using $PROGRAM in a local destination is quite dangerous? :)
Thanks Laszlo
-- Bazsi
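
Added example, not part of the original thread and not syslog-ng code: a Python model of how the destination template quoted above expands for constructed $PROGRAM values, and how sanitizing that one component keeps every file in the intended directory layout. `sanitize_component` is a hypothetical helper, not the implementation of $(sanitize); the host name and date values are constructed.

```python
import posixpath
import re

BASE = "/var/log/netlog/app"
# Destination template from the thread.
TEMPLATE = BASE + "/${HOST}/${PROGRAM}/${YEAR}/${MONTH}/${HOST}-${YEAR}${MONTH}${DAY}.log"

def expand(template, macros):
    """Substitute ${NAME} macros; an unset macro expands to the empty string."""
    return re.sub(r"\$\{(\w+)\}", lambda m: macros.get(m.group(1), ""), template)

def sanitize_component(value, replacement="_", empty="unknown"):
    """Hypothetical sanitizer: force an untrusted value into one safe path component."""
    # Replace the path separator and control characters.
    cleaned = re.sub(r"[/\x00-\x1f\x7f]", replacement, value)
    # An empty value or a dot entry would still change the directory depth.
    if cleaned in ("", ".", ".."):
        return empty
    return cleaned

def is_expected_layout(path, host):
    """True if path normalizes to BASE/<host>/<program>/<year>/<month>/<file>."""
    norm = posixpath.normpath(path)
    if not norm.startswith(BASE + "/"):
        return False
    parts = norm[len(BASE):].split("/")  # leading "" plus five components
    return len(parts) == 6 and parts[1] == host

def audit(programs, host="web01"):
    """Return (program, raw_ok, sanitized_ok) for each constructed $PROGRAM value."""
    results = []
    for program in programs:
        macros = {"HOST": host, "YEAR": "2020", "MONTH": "03", "DAY": "02"}
        raw = expand(TEMPLATE, dict(macros, PROGRAM=program))
        safe = expand(TEMPLATE, dict(macros, PROGRAM=sanitize_component(program)))
        results.append((program, is_expected_layout(raw, host),
                        is_expected_layout(safe, host)))
    return results

# Constructed sample values: a normal tag, an empty tag, a tag holding a full
# path, and a dot-dot tag.
SAMPLES = ["sshd", "", "/usr/sbin/cron", ".."]

if __name__ == "__main__":
    for program, raw_ok, safe_ok in audit(SAMPLES):
        print(f"{program!r:18} raw_ok={raw_ok} sanitized_ok={safe_ok}")
```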