Lainaus Mark Knirk <syslog-ng@decep.net>:
Here is a snippit of what I do this setup a listener, create a destination file based upon the host and date, the filter logs only on the host which the log came from.
Here's what I tried: source s_udp { udp(ip("0.0.0.0") port(514)); filter f_gnatbox { host("fw-fxp3"); }; destination d_gnatbox { file("/var/log/gnatbox/$HOST/$YEAR/$MONTH/$FULLDATE.log" owner (root) group(logs) perm(0640) dir_perm(0770) create_dirs(yes$ }; log { source(s_udp); filter(f_gnatbox); destination(d_gnatbox);}; Tcpdump displays that syslog messages are sent to syslog-ng: 19:48:47.968036 fw-fxp3.syslog > localhost.syslog: udp 123 But no files or folders are created under /var/log/gnatbox. With standard syslog I know that I can create three different log files based on local0.* local1.* local2.*. -MiikaT