17 May
2000
17 May
'00
7:46 p.m.
Brian,
source local { unix-stream("/dev/log"); internal(); }; # no kern.* source net { udp(ip(0.0.0.0) port(514)); }; # kern facility OK
have you tried including "file (/dev/kmsg)" as a source? I have the following on one of my machines, and it logs ipchains output perfectly: source src { unix-stream("/dev/log"); file("/proc/kmsg"); internal(); }; Regards, Ger.