[syslog-ng]1.5.26 vs 1.6.x and destination selection
T.
syslog-ng@lists.balabit.hu
Sun, 11 Jan 2004 22:30:19 -0500 (EST)
I am trying to get the 1.6 branch of syslog-ng to create log files based on a naming convention that worked (sort of) in 1.5.26 but no longer does. Specifically, I have the following in my syslog-ng.conf:
destination d_netfilt { file ("/var/logser/$HOST/$YEAR/$MONTH/$DAY/netfilt.log"
owner(root) perm(0600) create_dirs(yes) ); };
destination d_messages { file ("/var/adm/messages.$YEAR.$MONTH" owner(root) perm(0644) ); };
filter f_netfilt {
match(" netfilt\[0-9]+\]") or
program("netfilt");
};
source s_udp { udp( port(514) ); };
log { source(s_udp); filter(f_netfilt); destination(d_netfilt); };
log { destination(d_messages); flags(fallback, catchall); };
With syslog-ng 1.5.26, this sends messages matching "netfilt" received on UDP port 514 into /var/logser (albeit it doesn't correctly expand $HOST into the source of the message - it fills this in as the hostname of the machine on which syslog-ng is running). With the 1.6 branch, however, running with the same config file and receiving messages from the same sources winds up dropping the logs down into the d_messages block. This happened both with the release candidates and with the recent 1.6.1 branch. I'm using libol 0.3.11 and running on Solaris 8 on Netra V120; both libol and syslog-ng were compiled using GCC 3.1 in 64-bit mode (-m64 -mcpu=ultrasparc -O3). Can anyone help point me in the right direction of getting 1.6.1 to correctly match the source of the message and, perhaps, also identify $HOST properly?
Thanks in advance.
T. E.
_______________________________________________
Join Excite! - http://www.excite.com
The most personalized portal on the Web!