On Wed, Feb 28, 2001 at 07:43:29PM +0100, Maciek Pasternacki wrote:
Hello,
I have following configuration on my machine:
source logdev { unix-stream("/dev/log"); }; destination foo { program("/home/foo/.bin/loglogs.pl"); }; filter f_foo { not priority(debug) and not facility(mail); }; log { source(logdev); filter(f_foo); destination(foo); };
File /home/foo/.bin/loglogs.pl come as follows:
#!/usr/bin/perl open FOO, ">/tmp/loglog.log"; while ( <STDIN> ) { print FOO $_; } close FOO;
Could anybody tell why file /tmp/loglog.log stays empty no matter what I do?
When I used to use syslog-ng 1.4.5 I used following way to solve similar problem: ... destination private { program ("/usr/local/sbin/syslog-ng.sh"); }; ... filter f_private { (match ("SunOS") and not match ("ftpd")) or match ("ERR") or match ("Err") or (match ("err") and not match ("Authentication")) or match ("WARN") or match ("Warn") or match ("warn") or match ("LOST") or match ("Lost") or (match ("lost") and not match ("ftpd")) or match ("fatal") or match ("Fatal") or (match ("fail") and not match ("Authentication")); ... log { source (src); filter (f_private); destination (private); }; ... /etc>cat /usr/local/sbin/syslog-ng.sh while read DATA do echo $DATA | /usr/ucb/mail -s ">>>> charlie: $DATA <<<<" root done /etc> It worked basically. przemol