Si -----Original Message----- From: syslog-ng-bounces@lists.balabit.hu [mailto:syslog-ng-bounces@lists.balabit.hu] On Behalf Of syslog-ng Sent: Monday, July 18, 2005 5:23 PM To: syslog-ng@lists.balabit.hu Subject: [syslog-ng] syslog-ng and host() filters regex problem hello, I have a problem with syslog-ng and host() filters regex. I need to sort out logs coming from different source addresses in various files, so I started with this configuration: filter f_cp_ { host("10.28.88.4"); }; [10 similar host filters] filter f_pix_1 { host("10.29.42.3"); }; for every filter I defined a file destination and a log statement like this one: log { source(s_udp); filter(f_pix_1); destination(nfs_pix_1); }; This configuration works as expected, but since logs might come from other IP addresses which don't have to get mixed up (eg 10.28.88.41 matches the first filter but shouldn't) I'd like to use a regexp in the host file; I tried just by adding a $ at the end of the IP, like this: filter f_cp_dl380 { host("10.28.88.4$"); }; [10 similar host filters] filter f_pix_1VF { host("10.29.42.3$"); }; After sending a HUP to the process syslog-ng stops writing input packets to the various log files. Just removing the $ after the ip address and sending another HUP to the server restores functionality. I also tried with a full IP regexp, as found in another post on the list (host("^10\.28\.88\.4$")) but the result is the same. I also tried upgrading my syslog-ng from 1.6.2 to 1.6.8 but nothing changed. It seems like the config parser is somehow unable to manage more than a handful of host regexps correctly. I can provide full configuration files if needed. thanks for the help, Stefania _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html