Dave have tried your suggestion, but Syslog does not seem to like it. The strange this is, that the statements you have quoted are not dissimilar from the original ones already present. On 20:28:02 January 10, 2005 Dave Johnson <davejjohnson@gmail.com> wrote:
For more postfix information; you can check out: http://logreport.org/doc/gen/email/postfix.php http://www.onlamp.com/pub/a/onlamp/2004/01/22/postfix.html
Looking at those docs; you could change the filter f_mailout and f_mailin previously suggest to look for match ("postfix/smtp") and match ("postfix/smtpd") (respectively) and see what happens.
On Mon, 10 Jan 2005 18:32:49 +0000, JulesF <julesf@the4.co.uk> wrote:
Thanks Dave. I have not got a clue where to start. I'm running Postfix as my MTA. How much more difficult would this be to set up than with Sendmail?
On 18:20:20 January 10, 2005 Dave Johnson <davejjohnson@gmail.com>
wrote: Jules--
This is going to be mta specific. IE: depending on what your running and your requirements are; its possible to have one mta process accept and queue the mail; and another one that send/deliver the mail. If this is the case; it maybe possible for the mta to have different syslog facilities/priorities for each of these processes. Again; this is going to be mta specific. The other option is to regex out the lines your want to be separated. So for example [off the top of my head-- you can try something like this (which I haven't tested:] on sendmail; only logging inbound accepted messages and outbound attempts: (some errors will not be picked up on these regexes):
filter f_mailin { facility (mail); match("daemon=MTA"); }; filter f_mailout { facility (mail); match("mailer=esmtp"); }; destination maillogin { file ("/var/log/maillog.in" perm(0644); }; destination maillogout { file ("/var/log/maillog.out" perm(0644); }; log { source(local); filter(f_mailin); destination(maillogin); }; log { source(local); filter(f_mailout); destination(maillogout); };
On Mon, 10 Jan 2005 17:11:07 +0000, JulesF <julesf@the4.co.uk>
wrote: How would I go about splitting the maillog to show both inbound and outbound services in different files; what amendments need to be made to syslong-ng.conf?
The current maillog entry:
destination d_mail { file("/var/log/maillog"); };
Thanks. J
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/ faq.h tml
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq .html
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.h tml
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
participants (1)
-
JulesF