[syslog-ng]not match problem once again
Mariusz Bogumil
marbo@tpi.pl
Wed, 21 Mar 2001 12:45:23 +0100
I have searched the whole archive but I have not found any solution to
my problem.
-----------------
destination messages { file("/var/log/messages.log"); };
�
filter f_messages { level(info..warn) and not macht("snort") and not
facility(auth, news, mail); };
log { source(s_tcp); filter(f_messages); destination(messages); };
----------------------
I want logs that contain word "snort" not to be directed to
/var/log/messages but it seems that filter not match("snort") does not
work.
Thank you in advance for your help
marbo