Syslog-ng not receiving remote logs from stock Syslogd
Hi all. I'm running the latest version of Syslog-ng (1.6.5). I've got all manner of local logging via unix-stream working just fine. My problem comes when I try and pull remote logs from a machine that's running the stock Syslogd, as shipped with Slackware-10.0. I first made sure my Iptables rules were accepting any traffic to UDP port 514. I then set up something like this in syslog-ng.conf. Note h14me is the hostname of the remote machine.

    source h14me { udp(); };
    destination h14melog { file("/var/log/h14me.log"); };
    log { source(h14me); destination(h14melog); };

Syslog-ng -s didn't report any errors with this syntax, therefore I assumed it was correct. However, when I restart Syslog-ng I don't see an h14me.log file in /var/log. On the remote machine I did this:

    @24.249.27.228

That was in /etc/syslog.conf. I had this type of setup going on another machine, however the difference was that I was running stock Syslogd as well.

Does anyone know what I might be doing wrong here? Shouldn't Syslog-ng/regular Syslogd be able to communicate since they can both use the UDP standard? Should I instead specify the udp driver in the source that's already working, and then write a filter rule to take anything that comes from given host and put it in its own logfile? Or should I be able to specify 2 completely separate sources? Thanks!

-- 
"The answer to life, the universe, and everything is 42." -- Douglas Adams
Igor Gueths