Hi,

I am collecting traps and syslog data

Yes they are being sent to the right place.

Yes the destinations exist and the permissions are correct

I am running Gentoo

And syslog-ng version- 1.6.5-r2

 

The problem is:

log { source(src); filter(f_snmptrap); filter(f_ipbb1); filter (f_ipbb2); destination(ipbb_traps); };

 

if I only have :

log { source(src); filter(f_snmptrap); destination(ipbb_traps); };

or

log { source(src); filter(f_ipbb1); destination(ipbb_traps); };

 

but when I add more filters it give me nothing

Why?

 

 

 

 

Are you collecting traps or syslog data ?

 

Tcpdump is your friend  - are the syslog speakers speaking to the right place ?

Is anything else being logged on the box from other sources?

 

Does the destination exist and permissions correct

 

What os ? Which versions of syslog-ng 

 

 

Hi,

I am trying to collect traps from these two networks. 66.163.79.0/255.255.255.128 and 64.251.65.224/255.255.255.240

I don’t understand why when I do this it doesn’t collect anything

Any ideas/.??

 

-------------------------------------------------------------------------------------------------------

 

source src{unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };

destination messages { file("/var/log/messages"); };

filter f_messages { not level(warn); };

log { source(src);  filter(f_messages); destination(messages); };

 

#filter snmptrap

filter f_snmptrap { level(warn); };

 

#testing filters for the different networks

filter f_ipbb1 {netmask("66.163.79.0/255.255.255.128"); };

filter f_ipbb2 {netmask("64.251.65.224/255.255.255.240"); };

 

destination ipbb_traps { file("/store/ipbb/traps/$YEAR-$MONTH-$DAY"); };

 

log { source(src); filter(f_snmptrap); filter(f_ipbb1); filter (f_ipbb2); destination(ipbb_traps); };

 

-----------------------------------------------------------------------------------------------------------

Kelly Pow

IP Backbone Networks Intern

Shaw CableSystems G.P

Tel: 1.403.303.6387

kelly.pow@sjrb.ca