On Thu, 2007-03-15 at 11:36 -0400, Lily Feng wrote:
Hi ,
I tried to map the syslog.conf to syslog-ng.conf via syslog2ng: mark.info It is mapped to filter f_1 { facility(mark) and level(info..emerg);} It could not pass the verification because facility(mark)is not correct. How to fix it?
I don't know what the 'mark' facility is for, in fact I've never seen it referenced. The set of facitilities syslog-ng knows depends on the system it was compiled on, but you can use custom facilities if you know their 'numerical code'. The list of commonly defined facilities can be found in RFC3164 (section 4.1.1), that RFC might be worth a read if you are getting involved in syslog. (and checking out www.syslog.org and www.loganalysis.org websites) -- Bazsi