Hi all,<br>
i m having too much noise in my syslog-ng logs both in mysql db and in text logs. For that i tried program filters<br>
like .<br>
<br>
filter f_auth { facility(auth); };<br>
filter f_ftp {program(ftp);};<br>
filter f_ssh {program(pam_unix);};<br>
log {source(stunnel); filter(f_syslog); filter(f_auth); filter(f_ftp); filter(f_ssh); destination(d_mysql);};<br>
<br>
what actually i want to log messages from program 'vsftp', 'wsftpd' and
'sshd' for that i tried regexp like '*ftp*', *ssh*, but its not working
can someone refine the filters for just logging traffic having program
'ftp' or 'ssh' in them.<br>
<br>
<br>
Thanks<br>