As with many people I am using syslog-ng to send all my logs to a central source. A bunch of the logs I am sending are from growing log files. I have everything working and quite well, but I have one problem. When syslog-ng builts the log statement it goes in the following format: Oct 20 09:59:24 server_pipe@linuxp17 [org.jboss.resource.connectionmanager.IdleRemover] run: IdleRemover notifying pools, interval: 450000 server_pipe is the name of the source, defined on the client syslog server, this log is coming from. When this log is piped via tcp to the central server I want to be able to filter the server_pipe part and send it to a specific destination. Can this be done? From what I've read the match only works on the message section. I need to filter based the source. Any ideas? Thanks a bunch. -Rob Becker ********************************************************************** The information contained in this message is confidential and is intended for the addressee(s) only. If you have received this message in error or there are any problems please notify the originator immediately. The unauthorized use, disclosure, copying or alteration of this message is strictly forbidden. Motorists Insurance Group will not be liable for direct, special, indirect or consequential damages arising from the alteration of the contents of this message by a third party or as a result of any virus being passed on. **********************************************************************