[syslog-ng] syslog-ng and cisco's problem

Hi all, I'm trying to set up a syslog-ng 2.0.0 on Red Hat Enterprise 4.0 i386 edition. I have already set up my /etc/syslog-ng.conf file in following way: [root@swlogg02 cisco]# cat /etc/syslog-ng.conf # syslog-ng configuration file. # # This should behave pretty much like the original syslog on RedHat. But # it could be configured a lot smarter. # # See syslog-ng(8) and syslog-ng.conf(5) for more information. # options { sync (0); time_reopen (10); log_fifo_size (1000); long_hostnames (off); use_dns (no); use_fqdn (no); create_dirs (yes); keep_hostname (yes); }; source s_cisco { udp(ip(0.0.0.0) port(514)); }; destination d_cisco_d { file("/var/log/cisco/$HOST/$YEAR/$MONTH/$DAY/log"); }; destination d_cisco_c { file("/var/log/cisco/$HOST/$YEAR/$MONTH/$DAY/log"); }; filter f_cisco_d { level(debug); }; filter f_cisco_c { level(crit); }; log { source(s_cisco); filter(f_cisco_d); destination(d_cisco_d); }; log { source(s_cisco); filter(f_cisco_c); destination(d_cisco_c); }; but I only got logs from only one machine, for your information from ASA5520. I would liek to receive messages from almost 50 machines (routers/switches/firewalls, etc). As general I set up on firewalls critical level of logging and on router/switches debug. Could you please tell me what I did wrong? regards -- Michał Rębelski