[syslog-ng] Program Filters
Metal Gear
finattack at gmail.com
Mon May 16 11:59:40 CEST 2005
Hi all,
I'm having too much noise in my syslog-ng logs, both in the MySQL db and in the text
logs. For that I tried program filters
like:
filter f_auth { facility(auth); };
filter f_ftp {program(ftp);};
filter f_ssh {program(pam_unix);};
log { source(stunnel); filter(f_syslog); filter(f_auth); filter(f_ftp);
      filter(f_ssh); destination(d_mysql); };
What I actually want is to log messages from the programs 'vsftp', 'wsftpd' and
'sshd'. For that I tried regexps like '*ftp*', *ssh*, but it's not working. Can
someone refine the filters for just logging traffic having program 'ftp' or
'ssh' in them?
Thanks
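
Added example, not part of the original post: one way to express the stated goal, relying on two documented syslog-ng behaviours: program() takes a regular expression matched against the program name (not a shell glob such as '*ftp*'), and every filter() referenced in a log statement must match. The filter names f_ftp_or_ssh and f_auth_ftp_or_ssh are hypothetical; source(stunnel) and destination(d_mysql) are the poster's and are assumed to be defined elsewhere.

```conf
# As posted, the log path chains several filter() references:
#
#   log { source(stunnel); filter(f_syslog); filter(f_auth); filter(f_ftp);
#         filter(f_ssh); destination(d_mysql); };
#
# Chained filters are ANDed, so a message must pass f_ftp AND f_ssh at the
# same time. A message carries a single program name, so it cannot match
# both program(ftp) and program(pam_unix), and nothing reaches d_mysql.

# program() takes a regular expression. An unanchored pattern matches
# anywhere in the program name, so "ftp" covers vsftp and wsftpd, and
# "ssh" covers sshd. No leading or trailing '*' is needed.
filter f_ftp_or_ssh {
    program("ftp") or program("ssh");
};

# Put the OR inside one filter and reference that filter once.
log {
    source(stunnel);
    filter(f_ftp_or_ssh);
    destination(d_mysql);
};

# Variant that keeps the poster's facility(auth) restriction as well.
# Parentheses group the OR so the facility test applies to both programs.
# Use this filter in place of f_ftp_or_ssh in the log statement above.
filter f_auth_ftp_or_ssh {
    facility(auth) and (program("ftp") or program("ssh"));
};
```

With the second variant, messages that the FTP daemons send under a facility other than auth are dropped, so check which facility each daemon logs to before choosing it.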