[syslog-ng] logging from Cisco

Tom Le dottom at gmail.com
Thu May 24 08:52:48 CEST 2007


> Here is a part of my syslog-ng.conf, after some thorough research
> on the Cisco website:
>
> #### {{{ Cisco, by device type
> filter f_cisco_router   { facility(local2);     };
> filter f_cisco_switch   { facility(local3);     };
> filter f_cisco_firewall { facility(local4);     };
> filter f_cisco_vpnbox   { facility(local5);     };
> #### Cisco, by device type }}}

Keep in mind that if you have any other devices sending messages using the
same facility as above, you may inadvertently filter those messages as
well.  You can match some text strings within the messages themselves or use
a regex.  Regex is more accurate but can have performance impact on busy
syslog-ng server.

Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20070523/15063a4b/attachment.htm


More information about the syslog-ng mailing list