Hi! We had a short chat with Bazsi earlier today, and he's working on a feature that will allow syslog-ng to pick out UNIX credentials passed through unix sockets (such as /dev/log). This means that we receive the PID, the UID and the GID of the sending program, and can opt to store it someplace. So far, syslog-ng was not doing that, but with the new feature, it becomes possible to store these. The idea at the moment is, is to have a flag for unix-* sources that enables collecting these credentials. If turned off (the default, unless using system(), which would turn it on for /dev/log), nothing changes. If turned on, it would replace the $PID sent over the socket with the one extracted from credentials. It would also add the "${.unix.GID}" and "${.unix.UID}" properties to the log message, along with "${.unix.EXE}" on platforms that support looking up the executable (Linux, for now). We'd like to invite the broader community to share your feelings about this feature, the naming of the properties and how You would like it to work, if you're interested in making use of this functionality. -- |8]