[syslog-ng]Log monitoring
Nate Campi
syslog-ng@lists.balabit.hu
Mon, 9 Jun 2003 13:34:30 -0700
On Mon, Jun 09, 2003 at 01:46:35PM -0400, Marc Mamane wrote:
> Try this... http://www.estpak.ee/~risto/sec/
Yeah, sec is so flexible and powerful it's quite hard to take advantage
of many of its features right off the bat.
#######################################
destination d_sec {
program("/usr/local/sbin/sec.pl -input=\"-\" -conf=/usr/local/etc/sec.conf >/var/log/sec.err 2>&1");
};
# send all logs to sec
log {
source(src);
filter(f_not_brightmail);
destination(d_sec);
};
#######################################
There's a low-traffic mailing list for if you start using it. At some
point I'm going to put some example usage stuff for it on my site.
--
Nate Campi http://www.campin.net