[syslog-ng]program() destination
Przemyslaw Bak
przemolicc@poczta.fm
Thu, 1 Mar 2001 07:26:45 +0100
On Wed, Feb 28, 2001 at 07:43:29PM +0100, Maciek Pasternacki wrote:
> Hello,
>
> I have following configuration on my machine:
>
> source logdev { unix-stream("/dev/log"); };
> destination foo { program("/home/foo/.bin/loglogs.pl"); };
> filter f_foo { not priority(debug) and not facility(mail); };
> log { source(logdev); filter(f_foo); destination(foo); };
>
> File /home/foo/.bin/loglogs.pl come as follows:
>
> #!/usr/bin/perl
> open FOO, ">/tmp/loglog.log";
> while ( <STDIN> ) {
> print FOO $_;
> }
> close FOO;
>
> Could anybody tell why file /tmp/loglog.log stays empty no matter what I do?
When I used to use syslog-ng 1.4.5 I used following way to solve similar problem:
...
destination private { program ("/usr/local/sbin/syslog-ng.sh"); };
...
filter f_private {
(match ("SunOS") and not match ("ftpd")) or
match ("ERR") or
match ("Err") or
(match ("err") and not match ("Authentication")) or
match ("WARN") or
match ("Warn") or
match ("warn") or
match ("LOST") or
match ("Lost") or
(match ("lost") and not match ("ftpd")) or
match ("fatal") or
match ("Fatal") or
(match ("fail") and not match ("Authentication"));
...
log { source (src); filter (f_private); destination (private); };
...
/etc>cat /usr/local/sbin/syslog-ng.sh
while read DATA
do
echo $DATA | /usr/ucb/mail -s ">>>> charlie: $DATA <<<<" root
done
/etc>
It worked basically.
przemol