But I think as per the example the syslog will just send the log if it match specific string like ( attackalert ) in the example, But I want it send all new logs from this IP when comming without matching a specific string or word, Can you help in this ? From: reakyrok@hotmail.com To: syslog-ng@lists.balabit.hu Date: Wed, 1 Jul 2009 15:49:42 +0300 Subject: Re: [syslog-ng] Send a specific log by email Ohh Sorry I didn't note it, Thanks so much dear friend Best Regards Bassam Muhammad
Date: Wed, 1 Jul 2009 14:26:18 +0200 From: Siem.Korteweg@qnh.nl To: syslog-ng@lists.balabit.hu Subject: RE: [syslog-ng] Send a specific log by email
Hi,
the example script is in the same section of the page. Store it in the path of your destination -> program. Edit it and change the contents of the variable $TO to indicate the destination and check whether your system knows /usr/sbin/sendmail.
regards,
Siem Korteweg
-----Oorspronkelijk bericht----- Van: syslog-ng-bounces@lists.balabit.hu namens Reaky Rok Verzonden: wo 1-7-2009 14:21 Aan: syslog-ng@lists.balabit.hu Onderwerp: Re: [syslog-ng] Send a specific log by email
This's great But what about the perl escript, Could you please provide anexample for it, As I'm not good in programming. Thanks for your help
Best Regards Bassam Muhammad
Date: Tue, 30 Jun 2009 19:04:55 +0200 From: Siem.Korteweg@qnh.nl To: syslog-ng@lists.balabit.hu Subject: RE: [syslog-ng] Send a specific log by email
Hi Reaky,
define a new source with your specific IP and define a destination using "program" in stead of "file" (http://www.campin.net/newlogcheck.html "Email certain logs"). Finally you combine both in a new log-definition.
regards,
Siem Korteweg
-----Oorspronkelijk bericht----- Van: syslog-ng-bounces@lists.balabit.hu namens Reaky Rok Verzonden: di 30-6-2009 11:20 Aan: syslog-ng@lists.balabit.hu Onderwerp: [syslog-ng] Send a specific log by email
Hi friends I have syslog-ng installed in RHEL5 server, I make it as CEntral log for all servers in my network, Filtered by IP Now What I want to do is make it send to me an email for a specific log for one of my server, In other word when any log sent from this IP (192.168.1.1 ) For example to send me email with this new log value to myemail@mydomain.com The following is the part of configuration for my syslog-ng.conf that related with remote servers. =============================================
source s_remote { tcp(ip(0.0.0.0) port(514)); udp(ip(0.0.0.0) port(514)); };
destination d_separatedbyhosts { file("/var/log/syslog-ng/servers/$HOST/$FACILITY.log" owner("root") group("root") perm(0640) dir_perm(0750) create_dirs(yes)); };
log { source(s_remote); destination(d_separatedbyhosts); }; ===============================================
Thanks Best Regards Reaky
_________________________________________________________________ Invite your mail contacts to join your friends list with Windows Live Spaces. It's easy! http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&...
_________________________________________________________________ Drag n' drop-Get easy photo sharing with Windows LiveT Photos.
http://www.microsoft.com/windows/windowslive/products/photos.aspx
What can you do with the new Windows Live? Find out _________________________________________________________________ Show them the way! Add maps and directions to your party invites. http://www.microsoft.com/windows/windowslive/products/events.aspx