[syslog-ng] Program Filters
Metal Gear
finattack at gmail.com
Fri May 27 12:29:46 CEST 2005
Still there are no compilation errors now but i m not having any logs of ftp
and ssh when i remove filters then i get the bunch of logs. Setting the
filters for facility(auth, authpriv) is working but it gives only the users
who are successfully connected theu ssh or ftp. I m sending my
syslog-ng.conf using filters but i m not getting the logs of it.
source src {unix-stream("/dev/log"); pipe("/proc/kmsg"); internal();};
source stunnel {tcp(ip("127.0.0.1 <http://127.0.0.1>") port(514)
keep-alive(yes));};
filter f_ftp {program(".*ftp*.");};
filter f_ssh {program(".*ssh*.");};
log {source(src); filter(f_syslog); filter(f_ftp); filter(f_ssh);
destination(dest2);};
log {source(stunnel); filter(f_syslog); filter(f_ftp); filter(f_ssh);
destination(dest2);};
Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.test.balabit.hu/pipermail/syslog-ng/attachments/20050527/7bf28016/attachment.html
More information about the syslog-ng
mailing list