Loic Minier wrote:
Benjamin.Zoeller@salt-solutions.de - Thu, Jun 03, 2004:
The problem is that I can't see the log line itself, thus I am unable here my log:
I think you should send the content of the network packets (containing the log lines). This is achieved with tcpdump -X or -XX under Linux, check man tcpdump if you're running something else.
ah, ok. Now I understand here an login attempt. 15:58:19.707437 XX.XXX.X.XXX.syslog-ng > XXX.XXX.XX.syslog-ng: udp 85 0x0000 4500 0071 ca25 0000 3e11 9ad3 0ac6 00fd E..q.%..>....... 0x0010 0ac7 00fa 0202 0202 005d 04d1 3c31 3430 .........]..<140 0x0020 3e41 4343 543a 204c 4f47 494e 2046 4149 >ACCT:.LOGIN.FAI 0x0030 4c45 4420 6173 2061 646d 696e 2066 726f LED.as.admin.fro 0x0040 6d20 5445 4c4e 4554 2031 302e 3139 392e m.TELNET.10.199. 0x0050 322e 2.