JP Vossen <jp@jpsdomain.org> writes:
This is probably totally obvious, but it's not jumping out at me in the admin guide or Google. How can I turn off the TCP connection logs like:
Jun 22 01:40:47 centos5 syslog-ng[31034]: Syslog connection accepted; fd='10', client='AF_INET(192.168.1.148:46400)', local='AF_INET(0.0.0.0:514)' [...] Jun 22 01:40:47 centos5 syslog-ng[31034]: Syslog connection closed; fd='10', client='AF_INET(192.168.1.148:46400)', local='AF_INET(0.0.0.0:514)'
I assume these are coming from the syslog-ng internal() source, but I'm not seeing how to turn only those off without affecting other internal syslog-ng messages. What am I being totally dense about and missing?
It is, indeed, coming from the internal() source, and the easiest way to turn them off would be to filter them: filter f_syslconn { match("Syslog connection accepted;" type("string")); }; And use that filter in the destination. Something like that. -- |8]