[syslog-ng] facility 'security'

Jan Schaumann jschauma at netmeister.org
Tue Aug 25 19:53:57 CEST 2009


It appears that syslog-ng does not correctly identify the 'security'

$ logger -p security.info oink


Aug 25 10:46:43 <d.info> syslog1 oink

Note the false facility "d".

In src/syslog-names.c, the mapping for 'security' is done thusly:

{"security", LOG_AUTH},    /* DEPRECATED */

FreeBSD, however, appears to still use LOG_SECURITY, which leads to
syslog-ng falsely categorizing the incoming messages.  I'd be able to
deal with this if it actually did fall back to LOG_AUTH, but for some
reason it shows up as facility "d" (which seems like a string comparison
gone awry).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/syslog-ng/attachments/20090825/838f6293/attachment.pgp 

More information about the syslog-ng mailing list