Hi, I've configured syslog-ng for receiving alerts from remote system( /var/log/messages). I've configured 2 destinations 1. A file snort.log , i'm getting alerts in this file 2. email alerts, i'm unable to receive email alerts I've tested the script alert_mail.sh externally and it works.(i'm able to get mails, so sendmail is working) can someone help in solving this problem. Regards, Agnelo syslog-ng.conf ================== source sensors { internal(); tcp(ip(10.0.41.175) port(514) max-connections(7)); unix-stream("/dev/log"); }; destination localhost { file("/var/log/snort.log"); }; destination email_alert_script {program ("/usr/local/bin/alert_mail.sh"); }; log { source(sensors); destination(localhost); }; log {source(sensors); destination(email_alert_script); }; ========================== alert_mail.sh ==================== #!/bin/sh while read line; do echo $line |mail -s "Snort Alert" idsalert@xxxx.com done --------------------------------- Do you Yahoo!? Yahoo! Small Business $15K Web Design Giveaway - Enter today