[syslog-ng] loop caused by syslog-ng filter

[Fegan, Joe]

Hi Luigi,

Your question is difficult to understand, but I think you are asking how to use this script with syslog-ng. Here is an example:

#############syslog-ng.conf
......
filter f_authpriv {facility(auth, authpriv); }
destination sndmailauth { program("/script/sndmailaut");};
log { source(src); filter(f_authpriv); destination(sndmailauth); };
.....
#############

You create a destination of the type "program" and route messages to it using a "log" statement. During startup, syslog-ng will automatically fork a subprocess to run this program and it will feed messages to the stdin of that subprocess in the future whenever messages that match the filter arrive from source(src).

Joe.

-----Original Message-----
From: syslog-ng-bounces at lists.balabit.hu [mailto:syslog-ng-bounces at lists.balabit.hu] On Behalf Of Luigi Augello
Sent: 05 July 2008 17:15
To: Syslog-ng users' and developers' mailing list
Subject: Re: [syslog-ng] loop caused by syslog-ng filter

Hi Joe
I understand what you say, but it is sometimes that in not usesyslog-ng:
what I would know where and how I should use this script, maybe astemplate
into syslog-ng.conf? And if is true how I should use?
sorry for this banal question
tanks in advance
Luigi

Fegan, Joe ha scritto:
Use this template for your script. Modify it to send email $MSG to you,
instead of sending it to /tmp/schrott. That should solve your problem.

#!/bin/bash
while
read MSG
do
# Process the message $MSG. Do whatever you like with it.
# Email it to someone. Whatever. Here we put it in a file.

echo $MSG >> /tmp/schrott

# We're finished with this message, wait for the next one.
done
# Read returned eof. This means "no more messages". Exit.
exit 0


______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.campin.net/syslog-ng/faq.html