[syslog-ng]syslog-ng and sendmail

Hamilton, Andrew Mr RAYTHEON 5 SIG CMD HamiltonA@hq.5sigcmd.army.mil
Wed, 20 Dec 2000 07:57:05 +0100 

Sendmail logs two lines for each message.  The other one should be above
this one in the logfile.  There is nothing wrong with your configuration.

Regards,
Drew

> -----Original Message-----
> From:	Serge van Thillo [SMTP:tila@zeelandnet.nl]
> Sent:	Wednesday, December 20, 2000 2:40 AM
> To:	syslog-ng@lists.balabit.hu
> Subject:	[syslog-ng]syslog-ng and sendmail
> 
> Hi people.
> 
> I compiled syslog-ng today and tried out some things.
> It works quite ok, there only a few things I am missing.
> 
> When I log facility mail I only see to adressen. this is the same when I
> log
> everything to one file.
> so for example:
> 
> Dec 20 02:27:34 linux sendmail[10439]: eBK1RX410437:
> to=<serge@mydomain.nl>,
> delay=00:00:00, xdelay=00:00:00, mailer=cyrus, pri=38193, dsn=2.0.0,
> stat=Sent
> 
> Only the line telling me who send the message is missing.
> 
> I will include the config file. Can anyone tell me what is wrong?
> 
> Thanks in advance.
> 
> Greets,
> 	Serge.
> ---------------------------------
> 
> options { sync (0);
>           time_reopen (10);
>           log_fifo_size (1000);
>           long_hostnames (off);
>           use_dns (no);
>           use_fqdn (no);
>           create_dirs (no);
>           keep_hostname (yes);
>         };
> 
> source s_sys { unix-stream ("/dev/log"); internal(); };
> 
> destination console  { file("/dev/console"); };
> destination messages { file("/var/log/messages"); };
> destination secure   { file("/var/log/secure"); };
> destination maillog  { file("/var/log/maillog"); };
> destination spooler  { file("/var/log/spooler"); };
> destination boot     { file("/var/log/boot.log"); };
> destination imap     { file("/var/log/imap.log"); };
> destination auth     { file("/var/log/auth.log"); };
> destination cron     { file("/var/log/cron"); };
> destination console  { file("/dev/console"); };
> destination root     { usertty("root"); };
> destination allusers { usertty("*"); };
> destination all      { file("/var/log/all.log"); };
> 
> # Facility Filters
> filter f_auth     { facility(auth); };
> filter f_authpriv { facility(authpriv); };
> filter f_cron     { facility(cron); };
> filter f_daemon   { facility(daemon); };
> filter f_ftp      { facility(ftp); };
> filter f_kern     { facility(kern); };
> filter f_lpr      { facility(lpr); };
> filter f_mail     { facility(mail); };
> filter f_news     { facility(news); };
> filter f_security { facility(security); };
> filter f_user     { facility(user); };
> filter f_uucp     { facility(uucp); };
> filter f_local0   { facility(local0); };
> filter f_local1   { facility(local1); };
> filter f_local2   { facility(local2); };
> filter f_local3   { facility(local3); };
> filter f_local4   { facility(local4); };
> filter f_local5   { facility(local5); };
> filter f_local6   { facility(local6); };
> filter f_local7   { facility(local7); };
> 
> # Level Filters
> filter f_emerg    { level(emerg); };
> filter f_alert    { level(alert..emerg); };
> filter f_crit     { level(crit..emerg); };
> filter f_err      { level(err..emerg); };
> filter f_warning  { level(warning..emerg); };
> filter f_notice   { level(notice..emerg); };
> filter f_info     { level(info..emerg); };
> filter f_debug    { level(debug..emerg); };
> 
> # Filters
> filter f_messages { level(info..emerg) and (not facility(mail)) and (not
> facility(authpriv)); };
> 
> # Log all kernel messages to the console.
> log {
>   source(s_sys);
>   filter(f_kern);
>   destination(console);
> };
> 
> # Log anything (except mail) of level info or higher.
> log {
>   source(s_sys);
>   filter(f_messages);
>   destination(messages);
> };
> 
> # The authpriv file has restricted access.
> log {
>   source(s_sys);
>   filter(f_authpriv);
>   destination(secure);
> };
> 
> # Log all the mail messages in one place.
> log {
>   source(s_sys);
>   filter(f_mail);
>   destination(maillog);
> };
> 
> # Everybody gets emergency messages, plus log them on another machine.
> log {
>   source(s_sys);
>   filter(f_emerg);
>   destination(allusers);
> };
> 
> # Save mail and news errors of level err and higher in a special file.
> log {
>   source(s_sys);
>   filter(f_uucp);
>   filter(f_news);
>   filter(f_crit);
>   destination(spooler);
> };
> 
> # Save boot messages also to boot.log
> log {
>   source(s_sys);
>   filter(f_local7);
>   destination(boot);
> };
> 
> # Log cyrus imap in seperate file
> log {
>   source(s_sys);
>   filter(f_local6);
>   filter(f_debug);
>   destination(imap);
> };
> log {
>   source(s_sys);
>   filter(f_auth);
>   filter(f_debug);
>   destination(auth);
> };
> 
> # Debuging Sending all messages to all.log
> log {
>   source(s_sys);
>   destination(all);
> };
> 
> 
> _______________________________________________
> syslog-ng maillist  -  syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng