[syslog-ng]Filtering "syslog-ng daemon" logs
Eric Parusel
lists@globalrelay.net
Mon, 4 Jun 2001 13:06:11 -0700
Hi,
I'd like to filter out the syslog-ng logs that I get in my
/var/log/messages file.
Can I use a command-line flag to turn off these logs?:
Jun 4 10:20:00 ldap1 syslog-ng[84369]: io.c: do_write: write() failed
(errno 32), Broken pipe
Jun 4 10:20:00 ldap1 syslog-ng[84369]: Connection broken, reopening
in 60 seconds
Jun 4 10:21:00 syslog1 syslog-ng[274]: AF_INET client connected from
127.0.0.1, port 1046
If not, can will the following filter work?
filter f_nosyslog-ng { program("syslog-ng") and ( match("io\.c\:") or
match("Connection\ broken\,\ reopening") or match("SIGHUP") or
match("AF_INET_client") ); };
Did I use the brackets correctly? filter foo { program() and
(match() or match() ); };
I'm no expert with regular expressions or syslog-ng filters, so bear
with me :)
As well, I'm using a tcp connection over stunnel, I would assume that
it is normal to receive these messages occasionally?
Thanks,
Eric Parusel
Systems Administrator
Global Relay Communications