Hello<br><br>I have a problem with syslog-ng using match() in my filters. Here is the part of my syslog-ng.cong:<br><br>&quot;<br>######<br># sources<br><br># all known message sources<br>source s_all {<br>        file(&quot;/etc/syslog-ng/logtest&quot; follow_freq(1));<br>
};<br><br><br>######<br># destinations<br><br>destination d_apache {<br>file(&quot;/etc/syslog-ng/logapache&quot;);<br>};<br><br>destination d_system {<br>file(&quot;/etc/syslog-ng/logsystem&quot;);<br>};<br><br>destination d_autres {<br>
file(&quot;/etc/syslog-ng/logautres&quot;);<br>};<br><br>######<br># filters<br><br>filter f_apache {<br>match(apache);<br>};<br><br>filter f_system {<br>match(system);<br>};<br><br>filter f_autres {<br>match((?!apache));<br>
};<br><br><br>######<br># logs<br><br>log {<br>source(s_all);<br>filter(f_apache);<br>destination(d_apache);<br>};<br><br>log {<br>source(s_all);<br>filter(f_system);<br>destination(d_system);<br>};<br><br>log {<br>source(s_all);<br>
filter(f_autres);<br>destination(d_autres);<br>&quot;<br><br>As you can see, I want to search in lines if the string apache is present, if system is present or if apache  is not present. The first two filters are OK, but the third doesn&#39;t work. Can you help me to solve the problem?<br>
<br>Thanks.<br>