We got SYSLOG-NG to support this configuration if the local IP address of the host unit was input. However, it failed when we entered a remote system. Is it possible to use syslog-ng to accept data from specific hosts and reject it from others? If possible we'd like to use UDP to keep overhead as low as possible. The configuration below only accepted the local host IP. Thanks, -----Original Message----- From: syslog-ng-admin@lists.balabit.hu [mailto:syslog-ng-admin@lists.balabit.hu]On Behalf Of Balazs Scheidler Sent: Thursday, December 07, 2000 5:42 AM To: syslog-ng@lists.balabit.hu Subject: Re: [syslog-ng]Question....
We're trying to configure syslog-ng to only accept logs from specific servers. Here is the code we've implemented within syslog-ng.conf.
options { long_hostnames(off); sync(0); }; source src { sun-streams("/dev/log" door("/etc/.syslog_door")); internal(); udp(192.168.1.20,514); };
However, we get the following error when we start the daemon:
parse error at 5 Parse error reading configuration file, exiting.
your udp declaration should be: udp(ip(192.168.1.20) port(514)) 514 is the default port.
The objective is to only allow certain hosts to log to this server. Any help would be appreciated.
packet filter? -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1 url: http://www.balabit.hu/pgpkey.txt _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng