[syslog-ng]How to filter XDMCP messages ?
Achim Gsell
syslog-ng@lists.balabit.hu
Tue, 4 Mar 2003 17:10:49 +0100
On Tuesday 04 March 2003 16:21, Nate Campi wrote:
> On Tue, Mar 04, 2003 at 02:46:23PM +0100, Gerard Breiner wrote:
> > I wonder how to configure syslog-ng to filtering the messages emitted
> > by gdm_xdmcp. this type of messages pollutes my files of logs. Here
> > is messages i don't want : "gdm[3798]: gdm_xdmcp_handle_query: Opcode
> > 1 from ".
>
> filter f_not_gdm {
> not program("gdm");
> };
>
> log {
> source(src);
> filter(f_not_gdm);
> destination(syslog);
> };
>
> This will keep any gdm messages from being logged, which is probably ok.
Another way is to use a "log{}" without destination:
filter f_drop {
program(^gdm$);
};
log {
source(src);
filter(f_drop);
flags(final);
};
The above log{} statement must be prior to all other log{} statements!
If you don't want to drop all messages from "gdm" you can define a filter
like:
filter f_drop {
match(^gdm_xdmcp_handle_query:);
};
Achim