[syslog-ng]Syslog-ng dies unexpectedly
Ohrberg, Mick
Mick.Ohrberg@umb.com
Wed, 11 Oct 2000 12:53:19 -0500
[snip]
> Also, I'm running a program that logs NT-events in syslog format and I
> want to create a separate SINGLE "error" log from multiple machines.
> What would the format for that be? Does a simple filter and log match
> statement work?
>
> destination ntlog { file("/var/log/ntlog.log"); };
> filter f_error { match("[ERR]"); };
> #( [ERR] is the common statement in the NT log statement for error logs)
>
> log { source(net); filter(f_error); destination(ntlog); };
[snip]
Jon,
Does your NT logger use one of the facility/priority pairs available? I know
we do a lot of logging using the different user-facilities. If your NTlogger
uses that, you can filter by facility as well.
/Mick