16 May
2005
16 May
'05
10:59 a.m.
Hi all, i m having too much noise in my syslog-ng logs both in mysql db and in text logs. For that i tried program filters like . filter f_auth { facility(auth); }; filter f_ftp {program(ftp);}; filter f_ssh {program(pam_unix);}; log {source(stunnel); filter(f_syslog); filter(f_auth); filter(f_ftp); filter(f_ssh); destination(d_mysql);}; what actually i want to log messages from program 'vsftp', 'wsftpd' and 'sshd' for that i tried regexp like '*ftp*', *ssh*, but its not working can someone refine the filters for just logging traffic having program 'ftp' or 'ssh' in them. Thanks