[syslog-ng] Send a specific log by email
Reaky Rok
reakyrok at hotmail.com
Wed Jul 1 15:27:46 CEST 2009
But I think as per the example the syslog will just send the log if it match specific string like ( attackalert ) in the example, But I want it send all new logs from this IP when comming without matching a specific string or word, Can you help in this ?
From: reakyrok at hotmail.com
To: syslog-ng at lists.balabit.hu
Date: Wed, 1 Jul 2009 15:49:42 +0300
Subject: Re: [syslog-ng] Send a specific log by email
Ohh Sorry I didn't note it, Thanks so much dear friend
Best Regards
Bassam Muhammad
> Date: Wed, 1 Jul 2009 14:26:18 +0200
> From: Siem.Korteweg at qnh.nl
> To: syslog-ng at lists.balabit.hu
> Subject: RE: [syslog-ng] Send a specific log by email
>
> Hi,
>
> the example script is in the same section of the page. Store it in the path of your destination -> program. Edit it and change the contents of the variable $TO to indicate the destination and check whether your system knows /usr/sbin/sendmail.
>
> regards,
>
> Siem Korteweg
>
> -----Oorspronkelijk bericht-----
> Van: syslog-ng-bounces at lists.balabit.hu namens Reaky Rok
> Verzonden: wo 1-7-2009 14:21
> Aan: syslog-ng at lists.balabit.hu
> Onderwerp: Re: [syslog-ng] Send a specific log by email
>
>
> This's great
> But what about the perl escript, Could you please provide anexample for it, As I'm not good in programming.
> Thanks for your help
>
> Best Regards
> Bassam Muhammad
>
> > Date: Tue, 30 Jun 2009 19:04:55 +0200
> > From: Siem.Korteweg at qnh.nl
> > To: syslog-ng at lists.balabit.hu
> > Subject: RE: [syslog-ng] Send a specific log by email
> >
> > Hi Reaky,
> >
> > define a new source with your specific IP and define a destination using "program" in stead of "file" (http://www.campin.net/newlogcheck.html "Email certain logs"). Finally you combine both in a new log-definition.
> >
> > regards,
> >
> > Siem Korteweg
> >
> >
> > -----Oorspronkelijk bericht-----
> > Van: syslog-ng-bounces at lists.balabit.hu namens Reaky Rok
> > Verzonden: di 30-6-2009 11:20
> > Aan: syslog-ng at lists.balabit.hu
> > Onderwerp: [syslog-ng] Send a specific log by email
> >
> >
> > Hi friends
> > I have syslog-ng installed in RHEL5 server, I make it as CEntral log for all servers in my network, Filtered by IP
> > Now What I want to do is make it send to me an email for a specific log for one of my server, In other word when any log sent from this IP (192.168.1.1 ) For example to send me email with this new log value to myemail at mydomain.com
> > The following is the part of configuration for my syslog-ng.conf that related with remote servers.
> > =============================================
> >
> > source s_remote {
> > tcp(ip(0.0.0.0) port(514));
> > udp(ip(0.0.0.0) port(514));
> > };
> >
> > destination d_separatedbyhosts {
> > file("/var/log/syslog-ng/servers/$HOST/$FACILITY.log" owner("root") group("root") perm(0640) dir_perm(0750) create_dirs(yes));
> > };
> >
> > log { source(s_remote); destination(d_separatedbyhosts); };
> > ===============================================
> >
> > Thanks
> > Best Regards
> > Reaky
> >
> > _________________________________________________________________
> > Invite your mail contacts to join your friends list with Windows Live Spaces. It's easy!
> > http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us
> >
>
> _________________________________________________________________
> Drag n' drop-Get easy photo sharing with Windows LiveT Photos.
>
> http://www.microsoft.com/windows/windowslive/products/photos.aspx
>
What can you do with the new Windows Live? Find out
_________________________________________________________________
Show them the way! Add maps and directions to your party invites.
http://www.microsoft.com/windows/windowslive/products/events.aspx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20090701/64051df6/attachment.htm
More information about the syslog-ng
mailing list