How to filter XDMCP messages ?
Hello, I wonder how to configure syslog-ng to filtering the messages emitted by gdm_xdmcp. this type of messages pollutes my files of logs. Here is messages i don't want : "gdm[3798]: gdm_xdmcp_handle_query: Opcode 1 from ". Best regards Gerard Gerard Breiner Institut d'Astrophysique Spatiale Orsay Campus France
On Tue, Mar 04, 2003 at 02:46:23PM +0100, Gerard Breiner wrote:
I wonder how to configure syslog-ng to filtering the messages emitted by gdm_xdmcp. this type of messages pollutes my files of logs. Here is messages i don't want : "gdm[3798]: gdm_xdmcp_handle_query: Opcode 1 from ".
filter f_not_gdm { not program("gdm"); }; log { source(src); filter(f_not_gdm); destination(syslog); }; This will keep any gdm messages from being logged, which is probably ok. -- Nate Campi http://www.campin.net
On Tuesday 04 March 2003 16:21, Nate Campi wrote:
On Tue, Mar 04, 2003 at 02:46:23PM +0100, Gerard Breiner wrote:
I wonder how to configure syslog-ng to filtering the messages emitted by gdm_xdmcp. this type of messages pollutes my files of logs. Here is messages i don't want : "gdm[3798]: gdm_xdmcp_handle_query: Opcode 1 from ".
filter f_not_gdm { not program("gdm"); };
log { source(src); filter(f_not_gdm); destination(syslog); };
This will keep any gdm messages from being logged, which is probably ok.
Another way is to use a "log{}" without destination: filter f_drop { program(^gdm$); }; log { source(src); filter(f_drop); flags(final); }; The above log{} statement must be prior to all other log{} statements! If you don't want to drop all messages from "gdm" you can define a filter like: filter f_drop { match(^gdm_xdmcp_handle_query:); }; Achim
Thanks a lot, it works very nice I understood. Best regards Gerard. here is my settings. serveur : source local { unix-stream("/dev/log"); udp(ip(0.0.0.0) port(514)); internal(); }; cliente : ----- Original Message ----- From: "Nate Campi" <nate@campin.net> To: <syslog-ng@lists.balabit.hu> Sent: Tuesday, March 04, 2003 4:21 PM Subject: Re: [syslog-ng]How to filter XDMCP messages ?
On Tue, Mar 04, 2003 at 02:46:23PM +0100, Gerard Breiner wrote:
I wonder how to configure syslog-ng to filtering the messages emitted by gdm_xdmcp. this type of messages pollutes my files of logs. Here is messages i don't want : "gdm[3798]: gdm_xdmcp_handle_query: Opcode 1 from ".
filter f_not_gdm { not program("gdm"); };
log { source(src); filter(f_not_gdm); destination(syslog); };
This will keep any gdm messages from being logged, which is probably ok. -- Nate Campi http://www.campin.net _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
Hello, I installed and configured syslog-ng. It works very fine ! Now, I'm seeking a free application to visualize the logs files into a navigator. An idea ? Best regards Gerard Gerard Breiner Institut d'Astrophysique Spatiale Orsay Campus France
Gerard Breiner wrote:
Hello,
I installed and configured syslog-ng. It works very fine ! Now, I'm seeking a free application to visualize the logs files into a navigator. An idea ?
we use a home brew version of what can be found here : http://vermeer.org/syslog/ We log to mysql, then use a heavily modified of an early version of the php script found here : http://www.vermeer.org/projects/php-syslog-ng/ Cordialement, Jérôme -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert & Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - <mailto:jerome.fenal AT logicacmg.com>
participants (4)
-
Achim Gsell
-
Gerard Breiner
-
Jérôme Fenal
-
Nate Campi