28 Dec
2025
28 Dec
'25
11:23 a.m.
2025-12-28 07:11:35 (+0000), Peter Czanik (pczanik) wrote:
Hi,
This filter might be slow down logging of large amount of logs (100k+ EPS), but works fine:
filter f_iptables { facility(kern) and message("IN=") and message("OUT="); }; filter f_messages { not facility(news, mail) and not filter(f_iptables); };
Hi. Thanks for reply. This will probably prevent logging iptables at all. I need to prevent logging numerous attempts to connect on some ports. In my example port 137.
This example is from the default openSUSE syslog-ng configuration. You can check the whole file at https://build.opensuse.org/projects/home:czanik:syslog-ng-githead/packages/s...
--