#set up your source: source net { udp(); } # default port all interfaces #or source net { udp(ip("10.10.10.10") port(514)); };# specific interface and specific port #any sort of filter or none: filter f_local7 { facility(local7); }; #a destination destination d_net { file("/var/log/netmessages" perm(644)); }; # perm is an option, you can leave it off. #or destination d_macro_net { file("/var/log/net/$HOST/$YEAR/$MONTH/$DAY/$FACILITY.log" create_dirs(yes) perm(600)); } #macros #and a log line log { source(net); destination(d_macro_net); }; # everything from the port is logged to the macro determined file log { source(net); filter(f_local7); destination(d_net); }; # only local7 messages logged That shows you a couple of different options as well as some defaults. This really just scratches the surface of what syslog-ng is capable of... -----Original Message----- From: David Aldrich [mailto:david.aldrich@t-modus.nec.co.uk] Sent: Wednesday, November 26, 2003 9:22 AM To: 'syslog-ng@lists.balabit.hu' Subject: RE: [syslog-ng]syslog-ng 1.6.0rc4 build problems Hi
I in no way meant to sound condescending and apologize if it came across that way. It was interesting as I was trying to imagine situations in which that could happen to you, thus trying to help.
Thanks for your help - I wasn't offended at all! I want to experiment with syslog-ng's ability to log messages received on the UDP port. For now, I want to continue to use syslogd to log all other messages - so as not to disturb the system. Please could you or anyone else briefly explain how to make a simple .conf file to log UDP messages with syslog-ng? David Telecom MODUS is an ISO9001/TickIT approved Company. LRQA Certificate of Approval reference 0965133 ************************************************************ THIS MESSAGE IS INTENDED ONLY FOR THE USE OF THE INDIVIDUAL TO WHOM IT IS ADDRESSED AND CONTAINS INFORMATION THAT IS PRIVATE AND/OR PROPRIETARY. If the reader of this message is not the intended recipient, or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please forward the whole message to admin@t-modus.nec.co.uk Company Registration No.3493954 Telephone Number +44 (0) 1372 381880 Fax Number +44 (0) 1372 381804 Email general@t-modus.nec.co.uk ************************************************************ _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html