I had this same problem with BIND. I just set up a filter that matched named, and one that did the opposite. destination named { file("/var/log/local/$YEAR/$MONTH/$DAY/named.log"); }; filter f_named { match("named"); }; filter f_nonamed { not match("named"); }; For the logging section, something like this: log { source(localsrc); filter(f_daemon); filter(f_no_stats); filter(f_nonamed); destination(daemon); }; (for ordinary daemon logs) log { source(localsrc); filter(f_daemon); filter(f_named); filter(f_no_stats); destination(named); }; (for named specifically). Works perfectly. It's just a matter of finding the one crucial element that differentiates one type of log from another (named is easy, it prints [named] in every log). Good luck. mark On Wed, Aug 11, 2004 at 09:28:08PM -0500, Anoop Rajendra wrote:

I need to log all messages from iptables, ipmasq to a particular file (say iptables.log) and to that only and nothing else. Is there a way to specifically define this, ie say that messages from this daemon should go nowhere else?

Thanks, Anoop /// ________________________________________________ To be is to program.

_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html