Hery Fanomezantsoa <rhfano@gmail.com> writes:
filter f_mail { host("192.168.10.60") and facility(17); };
Are you sure this will do what you expect it to do? But, to make it clear: when you try to start up syslog-ng, does it start, or does it display an error? Or does neither? If it starts up, is it listening on port 1468? (check with netstat -tlnp | grep syslog-ng). If it is listening there, and you send messages, do they disappear? Do they still disappear if you remove the filter? If they don't, I'd suggest adding the following to your syslog-ng.conf: options { use_dns(no); }; I believe your problem is that your filter doesn't work, because syslog-ng resolves the hostname, so it never matches an IP. Disable resolving, and there you go. -- |8]