On Thu, 2009-08-13 at 00:26 -0600, Alberto Sierra wrote:
hi there,
i know this is been discussed like a million times already but i'm stuck and can't get around this.
i'm using a program destination in my syslog-ng config, like this: destination test_log { file("/var/log/testlog"); }; destination sshd_alerts { program("/usr/local/bin/ssh_alert_by_email.sh" template("$DATE $HOST $PROGRAM $MSGONLY")); };
try including an end-of-line in your template, since otherwise your script will wait for it. template("$DATE $HOST $PROGRAM $MSGONLY\n") note the last "\n" in the template.
filter sshd { program("sshd"); }; filter login_accepted { match("Accepted password|Accepted publickey"); };
log { source(s_all); filter(sshd); filter(login_accepted); destination(sshd_alerts); destination(test_log); };
and the script as follows:
#!/bin/bash while read line ; do echo $line >> /tmp/testlog done
that's it, it logs to the destination(test_log) but the script does nothing.
i followed a similar thread: https://lists.balabit.hu/pipermail/syslog-ng/2008-March/011512.html
and the script works well interactively in the shell. I think i hit a dead end here... btw version 2.0.9
-- Bazsi