[syslog-ng] Filters not working at all?

John Wingenbach jwing@pliantsystems.com
Fri, 17 Dec 1999 13:30:18 -0500 

I have syslog-ng V 1.3.8 installed on Solaris 2.6 system.  I can't seem
to get the range specification for filters to work properly (e.g.
level(debug..emerg))).  Instead only a single level is stored in the
file.  Here is my current syslog config file:

source s_all { sun-streams("/dev/log" door("/etc/.syslog_door"));
               internal();
               udp();
             };

filter f_warning { level(warning..emerg); };
filter f_debug { level(debug..emerg); };
filter f_crit { level(crit..emerg); };
filter f_err { level(err..emerg); };
filter f_emerg { level(emerg); };

filter f_user { facility(user); };
filter f_mail { facility(mail); };
filter f_daemon { facility(daemon); };
filter f_auth { facility(auth); };
filter f_lpr { facility(lpr); };
filter f_news { facility(news); };
filter f_kern { facility(kern); };
filter f_uucp { facility(uucp); };
filter f_cron { facility(cron); };
filter f_local0 { facility(local0); };
filter f_local1 { facility(local1); };
filter f_local2 { facility(local2); };
filter f_local3 { facility(local3); };
filter f_local4 { facility(local4); };
filter f_local5 { facility(local5); };
filter f_local6 { facility(local6); };
filter f_local7 { facility(local7); };
filter f_SanUser { not facility(user); };

destination d_all { file("/var/log/messages"); };
destination d_ttys { usertty("*"); };
destination d_console { file ("/dev/console"); };
destination d_kernfile { file ("/var/log/kern"); };
destination d_syslogfile { file ("/var/log/syslog"); };
destination d_userfile { file ("/var/log/user"); };
destination d_mailfile { file ("/var/log/mail"); };
destination d_mailcritfile { file ("/var/log/mail.crit"); };
destination d_mailwarnfile { file ("/var/log/mail.warning"); };
destination d_daemonfile { file ("/var/log/daemon"); };
destination d_authfile { file ("/var/log/auth"); };
destination d_lprfile { file ("/var/log/lpr"); };
destination d_newsfile { file ("/var/log/news"); };
destination d_uucpfile { file ("/var/log/uucp"); };
destination d_cronfile { file ("/var/log/cron"); };
destination d_local0file { file ("/var/log/local0"); };
destination d_local1file { file ("/var/log/local1"); };
destination d_local2file { file ("/var/log/local2"); };
destination d_local3file { file ("/var/log/local3"); };
destination d_local4file { file ("/var/log/local4"); };
destination d_local5file { file ("/var/log/local5"); };
destination d_local6file { file ("/var/log/local6"); };
destination d_local7file { file ("/var/log/local7"); };

log { source(s_all);
      filter(f_emerg);
      filter(f_SanUser);
      destination (d_ttys);
    };
#log { source(s_all);
#      filter (f_kernnotice); filter (f_authnotice);
#      destination (d_console); };
#log { source(s_all);
#      filter(f_ErrSanUser); filter (f_kerndebug); filter
(f_daemonnotice); filter (f_mail);
#      destination (d_syslogfile);
#    };
log { source(s_all); filter (f_kern); filter (f_debug); destination
(d_kernfile); };
log { source(s_all); filter (f_user); filter (f_debug); destination
(d_userfile); };
log { source(s_all); filter (f_mail); filter (f_debug); destination
(d_mailfile); };
log { source(s_all); filter (f_mail); filter (f_crit); destination
(d_mailcritfile); };
log { source(s_all); filter (f_mail); filter (f_warning); destination
(d_mailwarnfile); };
log { source(s_all); filter (f_daemon); filter (f_debug); destination
(d_daemonfile); };
log { source(s_all); filter (f_auth); filter (f_debug); destination
(d_authfile); };
log { source(s_all); filter (f_lpr); filter (f_debug); destination
(d_lprfile); };
log { source(s_all); filter (f_news); filter (f_debug); destination
(d_newsfile); };
log { source(s_all); filter (f_uucp); filter (f_debug); destination
(d_uucpfile); };
log { source(s_all); filter (f_cron); filter (f_debug); destination
(d_cronfile); };
log { source(s_all); filter (f_local0); destination (d_local0file); };
log { source(s_all); filter (f_local1); filter (f_debug); destination
(d_local1file); };
log { source(s_all); filter (f_local2); destination (d_local2file); };
log { source(s_all); filter (f_local3); destination (d_local3file); };
log { source(s_all); filter (f_local4); filter (f_debug); destination
(d_local4file); };
log { source(s_all); filter (f_local5); filter (f_debug); destination
(d_local5file); };
log { source(s_all); filter (f_local6); filter (f_debug); destination
(d_local6file); };
log { source(s_all); filter (f_local7); filter (f_debug); destination
(d_local7file); };


--
John C. Wingenbach
Broadband Technologies
Sr. Systems Administrator
Work: (919) 405-4627
Fax:  (919) 405-4544