Hi,

I have install syslog-ng on my remote server. I need to centralized my pflog (firewall log) and snort alert to the syslog server. For your info i have successfully log all log except the pflog and snort alert. I have define the snort alert as local0.info and pflog as local1.info. Can you all give me the sample of configuration?

I have tcpdump for and grep the local1.info and local0.info and its show on console. I'm confuse why the system not write to destination that i specify.

Below is some configuration that i do on syslog-ng.conf (destination):
destination local0 { file("/var/log/remote/local0.log"); };
destination local1 { file("/var/log/remote/local1.log"); };

TQ




--
MUHAMMAD AZIZUL DARUS
http://www.foodmalaysia.net
http://www.myfelis.com
http://yourubuntulinux.blogspot.com
http://opensource-2u.blogspot.com
http://photograph2u.blogspot.com
http://malaysiataste.blogspot.com
http://jomshopping.blogspot.com
http://jahitan-manik.blogspot.com
http://nissan-maniac.blogspot.com
http://narutoslash.blogspot.com/