Ok Thanx -----Original Message----- From: syslog-ng-admin@lists.balabit.hu [mailto:syslog-ng-admin@lists.balabit.hu] On Behalf Of Henning Markussen Sent: Friday, June 18, 2004 2:57 PM To: syslog-ng@lists.balabit.hu Subject: Re: [syslog-ng]filter problem Hi That is because the filter cisco_1 matches the address 192.168.0.1*, ex. 192.168.0.1 or 192.168.0.10 or 192.168.0.100 or 192.168.0.111 The filter at-rpg6_1 matches 192.168.0.10* ex. 192.168.0.10 or 192.168.0.100 or 192.168.0.102 or 192.168.0.109 Change the filter to filter cisco_1 { host ("192.168.0.1$"); }; filter at-rpg6_1 { host ("192.168.0.10$"); }; - Henning

Hi all. I have some network devices witch syslog function from example

1. 192.168.0.1 2. 192.168.0.10

I create syslog config and define this filter's

----------------------------------------------------------------------------

-------------------------------------

source s_network { udp ( ip (0.0.0.0) port (514) ); };

filter cisco_1 { host ("192.168.0.1"); };

filter at-rpg6_1 { host ("192.168.0.10"); };

destination cisco_1 { file ( /usr/local/syslog-ng/log/cisco.log ); };

destination d_file_6 { file ( /usr/local/syslog-ng/log/at-rpg6.log ); };

log { source ( s_network ); filter ( cisco_1 ); destination ( cisco_1); };

log { source ( s_network ); filter ( at-rpg6_1 ); destination ( d_file_6 ); };

----------------------------------------------------------------------------

---------------------------------------

In this config I have some mistake, messages send from 192.168.0.10 stored into /usr/local/syslog-ng/log/at-rpg6.log

And it also stored /usr/local/syslog-ng/log/cisco.log

What's wrong ?

forgive me for bad english

WBR swop.

_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html