Relax man, this is not one of those eLiTe-BBSes in the early nineties.. ;) Robert -----Original Message----- From: Snortball [mailto:snortball@hotmail.com] Sent: den 6 november 2001 16:53 To: syslog-ng@lists.balabit.hu Subject: Re: [syslog-ng]syslog-ng messages sent to outside prog I'M VERY VERY SORRY! This was supposed to go to the sender, not the list....I promise I'll stop being stupid.... ----- Original Message ----- From: "Snortball" <snortball@hotmail.com> To: <syslog-ng@lists.balabit.hu> Sent: Tuesday, November 06, 2001 9:25 AM Subject: Re: [syslog-ng]syslog-ng messages sent to outside prog
Hi,
Is there any chance that I can get a copy of your mail script? I can't seem to get one to work. Yes, I'm a newbie.....but I'm trying!
Thanks,
Sb ----- Original Message ----- From: "Nate Campi" <nate@campin.net> To: <syslog-ng@lists.balabit.hu> Sent: Monday, November 05, 2001 6:03 PM Subject: [syslog-ng]syslog-ng messages sent to outside prog
I setup a match line to match the string "attackalert" from portsentry, and I pipe this off to a script that mails it to me.
This works great, but I get emails with "<29>" prepended to it. Example:
<29>Nov 5 12:46:37 skitzo portsentry[121]: attackalert: Host 209.202.221.43 has been blocked via dropped route using command: "/usr/local/sbin/iptables -I INPUT -s 209.202.221.43 -j DROP"
I just setup sqlsyslogd to output to a mysql database from a program() destination, and it prepends the <29> to the messages sent there as well.
I checked out http://www.ietf.org/rfc/rfc3164.txt and it looks like this is a priority. How can I keep this from showing up in the output? I hacked sqlsyslogd to print the string from 4 chars into the timestamp, so my mysql inputs are clean, but what do I do to clean up the mail? -- Nate Campi http://www.campin.net GnuPG key: 0xC17AEF79 Key fingerprint = BF12 722F 8799 E614 33CC FAB7 5A90 C464 C17A EF79
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng