Ok, now that I've got it installed and running (thanks to all who helped)...I have yet another question. When starting syslog-ng (I'm on RedHat 7.2), it just reports that it is starting Kernel Logger, but never reports that syslog-ng started. Is this normal? What am I missing? I modified the init.d script for syslog-ng and put it in the /etc/rc.d/init.d directory, and put syslog-ng.conf.RedHat into /etc/syslog-ng directory. I was also capturing all Cisco devices on my network with syslog, so I added: destination ciscol { file("/var/log/cisco.log"); }; log { source(src1); filter(ciscof); destination(ciscol);}; To capture all the cisco stuff. I did not modify the facility on the Cisco devices, but they are all set to source-interface loopback0. Any ideas? Thanks, Paul