[root@czchovwint011 root]# cat /dev/log-syslog-ng & [1] 12411 [root@czchovwint011 root]# logger -p mail.info "xxxxxxxxxxxxxxx" Apr 7 16:29:24 czchovwint011 root: xxxxxxxxxxxxxxx I tried the proposal action and it's partially clear. It is going out in the same format as it is in the syslog file file - without facility and priority. So I have to create pipe for all the lines in syslog.conf and not to use filters. Thanks a lot Jochen. Regards Lumir Unzeitig ________________________________ From: syslog-ng-bounces@lists.balabit.hu [mailto:syslog-ng-bounces@lists.balabit.hu] On Behalf Of Jochen Kirn Sent: Friday, April 07, 2006 3:09 PM To: Syslog-ng users' and developers' mailing list Subject: Re: [syslog-ng] filters do not work from syslogd pipe as a source 2006/4/7, Lumir Unzeitig (DHL CZ) <lumir.unzeitig@dhl.com>: .. It's looking like the facility, priority information has been lost after syslogd evaluation or by going through the pipe. (All events go only to /dev/null destination) Have you tried to log the messages read from the pipe without the filter to a file and post an example of the log entries to this mailling list ? I've a similar problem on AIX (5.3 ML3) where the system syslog daemon writes its messages to a named pipe and syslog ng should read from it. But for some odd reason AIX syslog adds the FACILITY and LEVEL to the log message which causes that the LEVEL field "shifts" to the right. Therefore Syslog-NG isn't able to parse this correctly, because it interpreted the FACILITY entry as program name ... I don't know what causes this, because I can't reproduce this problem on AIX 5.2 or below. regards Jochen