What does your config file look like, here is an ex, of mine, i use filters to to force the host to log to the text file. ## tking switch 192.168.3.254 destination 192.168.3.254 { file("/var/log/routers/tking-switch.log"); }; filter f_192.168.3.254 { host(192.168.3.254); }; log { source(net); filter(f_192.168.3.254); destination(192.168.3.254); }; michael http://vw.vermeer.org/syslog-ng/
rob@rascal.ca 01/19/02 18:23 PM >>> Hi everyone,
I'm pretty new to syslog-ng, but I really like it so far, except for one thing I can't figure out...(it could be a clueless newbie issue.) I'm using syslog-ng on FreeBSD 4.4 to log everything for about 10 cisco routers/switches right now, with about 30 more that will be added over the next week or two. I have them logging to separate files right now, and that works great, with newsyslog archiving stuff, etc etc. Works wonderfully. However, everything keeps leaking into my /var/log/messages file, which I don't want it to do. I *just* want it in their separate files. An example of what I use for filters is: filter f_gig2 { host("gig2-0"); }; And for log: log { source(src); filter(f_gig2); destination(gig2); }; And for destination: destination gig2 { file("/var/log/peer1/vancouver/gig2-0"); }; Anyone have any suggestions? Thanks in advance! -Rob. _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng