[syslog-ng] Syslog-ng and filter question ...
Evan Rempel
erempel at uvic.ca
Tue Oct 10 00:07:29 CEST 2006
What you have written is
not facility(daemon) and not level(info)
which is the same logic as
any facility other than daemon OR any level other than info
What you really want is
filter f_not_daemon.info { not (facility(daemon) and level(info)); };
Evan.
Sébastien CRAMATTE wrote:
> Hello list,
>
> I've just setup a centralized syslog-ng server with mysql
> Remote clients work well but I'v got a little problem with a filter ...
>
> On each client I've got snmp daemon running
> and nagios network manager server polling clients ...
>
> My problem is that each time my nagios NMS connect it to a client it
> appears this line in daemon.info client log
>
> "Oct 10 03:15:48 vlanrouter1 snmpd[1868]: Connection from 192.168.0.12 "
>
> I would like to filter this line to exclude it from the remote log ...
> So I 've added this filter
>
> filter f_not_daemon_info { (not facility(daemon) and not level(info)); };
>
> but not works and all "daemon" and all "info" levels are removed not
> just "daemon.info"
> I've search to remove this log from snmp daemon directly but seems to be
> a bug on my snmpd release ...
>
> I hope that someone have got the solution
> Regards
>
> Sebastien
>
>
>
>
> _______________________________________________
> syslog-ng maillist - syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
More information about the syslog-ng
mailing list