Hi all, I installed syslog-ng for central logging in a company. The remote logging works perfectly. The syslog-ng machine should log its own logs to central repository and to typical /var/log by syslogd as well. I changed the original syslogd port to different one (510/udp) and created a pipe device which will be used for transport between syslogd and syslog-ng. /etc/syslog.conf ----------------------- *.info;mail.none;authpriv.none;cron.none /var/log/messages *.* |/dev/log-syslog-ng ----------------------- Generally the pipe is working the events are logged in by syslogd and syslog-ng as well. BUT if I apply any standard filter for the pipe source the statement is false in spite of should being true. Part of /etc/syslog-ng/syslog-ng.conf ----------------------------------------------------- options { ....... }source s_local { pipe("/dev/log-syslog-ng"); file("/proc/kmsg"); }; destination d_mesg_XXXX { file("/local/messages"); }; destination d_null { file("/dev/null"); }; filter f_mail_XXXX { level(debug); }; log { source(s_local); filter(f_mail_XXXX); destination(d_mesg_XXXX); }; log { source(s_local); destination(d_null); flags(final); }; ---------------------------------------------------- It's looking like the facility, priority information has been lost after syslogd evaluation or by going through the pipe. (All events go only to /dev/null destination) Any help is appreciated. Thanks Lumir Unzeitig