Good evening. Greetings to all users on this list, I've just signed up. Primarily I wanted syslog-ng to do secure remote logging by piping it through stunnel or ssh, but now I've had some time with the config file, I much prefer the syntax. A problem. I have a syntax error in my config file somewhere, and I just can't see it. syslog-ng gives the incredibly helpful: syntax error in 3 Parse error reading configuration file, exiting. (line 3) I've tried every variation I can think of on this line. Anyway, here is the config file: options { sync(0); }; source src { unix-dgram("/dev/log"); internal(); owner("syslog-ng"); group("syslog-ng"); perm(0600); }; source s_tcp { tcp( port(1028) ip("127.0.0.1") max-connections(2)); }; destination authlog { file("/var/log/syslog-ng/$HOST/auth.log" owner("syslog-ng") group ("syslog-ng") perm(0600) create_dirs(yes) dir_perm(0600)); }; destination syslog { file("/var/log/syslog-ng/$HOST/syslog.log" owner("syslog-ng") group ("syslog-ng") perm(0600) create_dirs(yes) dir_perm(0600)); }; destination cron { file("/var/log/syslog-ng/$HOST/cron.log" owner("syslog-ng") group ("syslog-ng") perm(0600) create_dirs(yes) dir_perm(0600)); }; destination daemon { file("/var/log/syslog-ng/$HOST/daemon.log" owner("syslog-ng") group ("syslog-ng") perm(0600) create_dirs(yes) dir_perm(0600)); }; destination kern { file("/var/log/syslog-ng/$HOST/kern.log" owner("syslog-ng") group ("syslog-ng") perm(0600) create_dirs(yes) dir_perm(0600)); }; destination lpr { file("/var/log/syslog-ng/$HOST/lpr.log" owner("syslog-ng") group ("syslog-ng") perm(0600) create_dirs(yes) dir_perm(0600)); }; destination user { file("/var/log/syslog-ng/$HOST/user.log" owner("syslog-ng") group ("syslog-ng") perm(0600) create_dirs(yes) dir_perm(0600)); }; destination mail { file("/var/log/syslog-ng/$HOST/mail.log" owner("syslog-ng") group ("syslog-ng") perm(0600) create_dirs(yes) dir_perm(0600)); }; destination debug { file("/var/log/syslog-ng/$HOST/debug" owner("syslog-ng") group ("syslog-ng") perm(0600) create_dirs(yes) dir_perm(0600)); }; destination messages { file("/var/log/syslog-ng/$HOST/messages" owner("syslog-ng") group ("syslog-ng") perm(0600) create_dirs(yes) dir_perm(0600)); }; destination all { file("/var/log/syslog-ng/$HOST/all.log" owner("syslog-ng") group ("syslog-ng") perm(0600) create_dirs(yes) dir_perm(0600)); }; destination console { usertty("root"); }; destination console_all { file("/dev/tty12"); }; filter f_auth { facility(auth); }; filter f_authpriv { facility(auth, authpriv); }; filter f_syslog { not facility(authpriv, mail); }; filter f_cron { facility(cron); }; filter f_daemon { facility(daemon); }; filter f_kern { facility(kern); }; filter f_lpr { facility(lpr); }; filter f_mail { facility(mail); }; filter f_user { facility(user); }; filter f_debug { not facility(auth, authpriv, news, mail); }; filter f_messages { level(info..warn) and not facility(auth, authpriv, mail); }; filter f_emergency { level(emerg); }; filter f_info { level(info); }; filter f_notice { level(notice); }; filter f_warn { level(warn); }; filter f_crit { level(crit); }; log { source(src); filter(f_authpriv); destination(authlog); }; log { source(src); filter(f_syslog); destination(syslog); }; log { source(src); filter(f_cron); destination(cron); }; log { source(src); filter(f_daemon); destination(daemon); }; log { source(src); filter(f_kern); destination(kern); }; log { source(src); filter(f_lpr); destination(lpr); }; log { source(src); filter(f_mail); destination(mail); }; log { source(src); filter(f_user); destination(user); }; log { source(src); filter(f_debug); destination(debug); }; log { source(src); filter(f_messages); destination(messages); }; log { source(src); destination(all); }; log { source(src); destination(console_all); }; As you can see I'm not intending to run syslog-ng as root. Any help would be appreciated. mark www.darklogik.org