filter syslog - syslog-ng - lists.balabit.hu

newer
HP-UX logging solved (I think...)

filter syslog

older
no match() statement

pierrick le fol

5 Mar 2001 5 Mar '01

2:01 p.m.

Hello, I seek a person who could help me in the filtering of event syslog. I wish filter the messages by address IP. If you have information or competences in this field, I am taking. Thank you for

Attachments:

attachment.html (text/html — 776 bytes)

Show replies by date

Gregor Binder

5 Mar 5 Mar

2:09 p.m.

pierrick le fol on Mon, Mar 05, 2001 at 03:01:24PM +0100: Hi, I am assuming you are trying to filter by source host, right?

I seek a person who could help me in the filtering of event syslog. I wish filter the messages by address IP. If you have information or competences in this field, I am taking.

This is very easy with syslog-ng, just use a destination like this on your log server: destination d_host { file ("/var/log/$HOST.log"); }; and syslog-ng will log messages in seperate logs for each hostname or address it is getting messages from. Regards, Gregor. -- Gregor Binder <gregor.binder@sysfive.com> http://sysfive.com/~gbinder/ sysfive.com GmbH UNIX. Networking. Security. Applications. PGP id: 0x20C6DA55 fp: 18AB 2DD0 F8FA D710 1EDC A97A B128 01C0 20C6 DA55

pierrick le fol

3:59 p.m.

I do not want to filter the events of host, but the messages of equipment network (router...). I thus filter IP addresses. Can filtering it be done? ----- Original Message ----- From: "Gregor Binder" <gbinder@sysfive.com> To: <syslog-ng@lists.balabit.hu> Sent: Monday, March 05, 2001 3:09 PM Subject: Re: [syslog-ng]filter syslog

pierrick le fol on Mon, Mar 05, 2001 at 03:01:24PM +0100:

Hi,

I am assuming you are trying to filter by source host, right?

...
I seek a person who could help me in the filtering of event syslog. I wish filter the messages by address IP. If you have information or competences in this field, I am taking.

This is very easy with syslog-ng, just use a destination like this on your log server:

destination d_host { file ("/var/log/$HOST.log"); };

and syslog-ng will log messages in seperate logs for each hostname or address it is getting messages from.

Regards, Gregor.

-- Gregor Binder <gregor.binder@sysfive.com> http://sysfive.com/~gbinder/ sysfive.com GmbH UNIX. Networking. Security. Applications. PGP id: 0x20C6DA55 fp: 18AB 2DD0 F8FA D710 1EDC A97A B128 01C0 20C6 DA55

_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng

8955

Age (days ago)

8955

Last active (days ago)

Download

2 comments

2 participants

tags

participants (2)

Gregor Binder
pierrick le fol