now when i use the TCP CONNECTION I CAN RECIVE NOTHING
******************syslog server**************** syslog 2.0.9
source my_tcp {
tcp(ip(0.0.0.0) port (415)); // they saied 0.0.0.0 means recive from any ip adress i also tried tcp ( port(514));
same thing};
destination my_dest{ file("/var/log/Sami/$HOST/messages" owner("root") group("root") perm(0640) dir_perm(0750) create_dirs(yes));
};
log { source(my_tcp); #filter(my_filter);
destination(my_dest); };
************************************************************
******************syslog client***************2syslog 2.0.10
source my_src { file("/var/log/apache2/error_log" follow_freq(1) ); };
#filter my_filter { };
destination my_dest{ tcp("192.168.1.64) port(514); };
log { source(my_src); #filter(my_filter);
destination(my_dest); };
**********************************************************************************
where is the problem
help me plz
it was working on one machine but when i send to he syslog server i have nothing
2009/3/12 Balazs Scheidler
<bazsi@balabit.hu>
On Thu, 2009-03-12 at 06:55 +0100, gatfi sami wrote:
> thank you
> another thing please
> i would like to ask you if it is possible to change the TAG of sent
> message
> for example
> give the messages sent to a syslog server tag a value ( 0X11)
> and then in the server filter on this tag
> i am killing myself to tell my techer that the tag and priority flag
> are assigned automaticly by syslog and he insistes on the fact that we
> can change their value
it is not currently possible. you can rewrite all text based fields
(host, program, msg) but you can't do it with non-text fields like the
tag.
There was a related mail the other day, read the mailing list archives.
--