Hello List,<br><br>I&#39;m using the syslog-ng OSE version 3.1.2.<br><br>Currently,
 I have a syslog-ng server which collects events from several devices : 
routers (Cisco), switches (Alcatel), other devices which send events to 
the syslog server by using the port 514 with the protocol UDP.<br>
<br>For the router and the switch, I need to use the flag &quot;no-parse&quot; because
 I have to parse the content of the message by using &quot;patterndb.xml&quot;.<br>
But... for the others devices I don&#39;t want to use the flag &quot;no-parse&quot; because the events respect the syslog format.<br>
<br>
I think it&#39;s not possible to configure syslog-ng like this :<br>
   source s_udp_01 { udp (flags(no-parse); };<br>
   source s_udp_02 { udp (); };<br><br>   log { source (s_udp_01); (...) };<br>   log { source (s_udp_02); (...) };<br>
<br>
The workaround could be the modification of udp port destination for the
 devices but it&#39;s not possible for the switch Alcatel. For the router 
Cisco, I don&#39;t know if it&#39;s possible or not...<br>
<br>Someone would have an idea for that &quot;problem&quot; ?<br>
<br>
Regards,<br>
<br>
Yann I.<br>