[syslog-ng] syslog-ng's enigmatic logging behavior ?
Eiji Inatsu
le.petit.planet at gmail.com
Tue Nov 27 05:30:37 CET 2007
Hello,
I encoutered a problem about message filtering or macro or ???.
I want to fix this problem. please help me.
[env]
# uname -a
SunOS hogehoge 5.10 Generic_125100-07 sun4u sparc SUNW,Sun-Fire-V245
# syslog-ng -V
syslog-ng 2.0.2
[conf]
# cat syslog-ng
options {create_dirs(yes); use_fqdn(yes); dir_owner(syslog-ng);
dir_perm(0750); owner(syslog-ng); perm(0740); sync(0);};
...
source s_net { udp(ip(2.2.2.2) port(514)); };
...
log { source(s_net); filter(f_fw_1); destination(d_fw_1); flags(final); };
...
filter f_fw_all { host("DC_"); };
filter f_fw_1 { filter(f_fw_all) and host("ifw1"); };
...
destination d_fw_1 {
file("/opt/syslog/log/DC_fw/$HOST/$HOST.log.$YEAR$MONTH$DAY-$HOUR"
dir_group(fw-log) group(fw-log)); };
...
...
destination d_debug_all {
file("/opt/syslog/log/debug/$HOST/$HOST.log.$YEAR$MONTH$DAY-$HOUR"
dir_group(all-log) group(all-log)); };
...
log { source(s_net); destination(d_debug_all); flags(final);};
# grep -v ^# syslog-ng.conf | wc -l
532
# grep DC_fw /etc/inet/hosts
1.1.1.1 DC_ifw1
[problem]
A message is loged to d_fw_1 and a message is loged to d_debug_all.
The filename of a message loged to d_fw_1 is DC_ifw120071127-12 and
the filename of a message loged d_debug_all is 1.1.1.1.
I think all messages should only be loged to d_fw_1, but doesn't.
I want to know what should I do to fix to my problem.
thanks.
---
// mailto: le.petit.planet at gmail.com
More information about the syslog-ng
mailing list