Hi, I would like to do log relaying, using syslog-ng. But I need to change the log format. The problem is that the "template" directive is not available for the udp destination (even for the tcp destination). Could you suggest me some work around to do that? Thanks in advance. - gian P.S I've thought on a work around, but it doesn't work fine. Hence the "template" directive is available for the pipes, I've used a pipe destination to send the logs. Then, I'm using the same pipe, as source, and I'm relaying the logs from it, to another log server. But syslog-ng thinks that the logs are coming from the server, and I get the following (ie, it uses the standard log format, after the pipe): Message Before the pipe -------------------- [X.Y.Z.K] ufs: [ID 213553 kern.notice] NOTICE: realloccg /u00: file system full Message After the pipe --------------------- Sep 25 18:12:11 Figth_cluB_01 [X.Y.Z.K] ufs: [ID 213553 kern.notice] NOTICE: realloccg /u00: file system full I'm using this configuration: # CONF ############################################# source s_net { udp(); }; source s_pipe_per_NI { pipe(/var/chroot/syslog-ng/dev/pipe_per_NI); }; destination relay_to_NI { udp("A.B.C.D" ); }; destination d_pipe_per_NI { pipe("/dev/pipe_per_NI" template("[$HOST] $MSG\n") ); }; log { source(s_net); destination(d_pipe_per_NI); # Here, I can apply the template }; log { source(s_pipe_per_NI); destination(relay_to_NI); # Here, syslog-ng applies the standard log format :( }; # END CONF ############################################# _____ Ing. Gianpiero Porchia Security Engineer ATS - Advanced Telecom Systems Designing, Testing, Managing Network Quality Via Salgari, 17 - 41100 Modena - ITALY Tel +39 059 821332 Fax +39 059 821492 Cel +39 335 330413 E-mail: gianpiero.porchia@atsweb.it messenger.msn.com: http://messenger.msn.com/, gianpiero.porchia@atsweb.it Web site: http://www.atsweb.it PGP Key ID: 0xCAE064A4 (pgpkeys.mit.edu:11371) Fingerprint: 080D AD88 C18A FCA3 91BC 0DF2 F05F 7489 CAE0 64A4