[syslog-ng] Problems With Filter Rules - Using First Rule, Not One Intended

Geller, Sandor (IT) Sandor.Geller at morganstanley.com
Thu May 8 20:19:05 CEST 2008


Hi,

> Here are some recent logs.
>
>
> May  8 13:48:41 mailserver1.mycorp.net/mailserver1.mycorp.net
> postfix/smtp[22079]: [ID 197553 mail.info] BBBF66CB1E:
> to=<b.smith at nodomain.net>,
> relay=192.168.12.1[192.168.12.1]:25, delay=0.48,
> delays=0.31/0.02/0.01/0.14, dsn=2.6.0, status=sent (250 2.6.0
>
> <B7C2C6BA798F3C4DBDD78BEDC1F8AD5732046E44 at ns2.someotherdomain.com> Queued mail for delivery)

Which version of syslog-ng are you using? I remember that postfix
(more precisely postfix/daemonname-like program names) caused
problems for older versions, although this might be unrelated.

> I *believe* the double hostname is due to
> chain_hostnames=yes?  Don't remember.

No, there would be an '@' between the hostnames. I still don't see
how 'sw' could match your logs :(

regards,

Sandor