[syslog-ng] Send a specific log by email
Sandor Geller
Sandor.Geller at morganstanley.com
Sat Jul 4 13:02:37 CEST 2009
...and to provide actual help: use filters based on hostname or the IP address
filter f_myhostname {
host("^myhostname$"); # this is a regexp, not a simple string
}
filter f_myipaddress {
netmask("127.0.0.1/32");
}
later in your log definitions just use the filters:
log {
source(...);
filter(...);
destination(...);
flags(final); # so the logs won't get processed by further log definitions
}
In the admin guide you can find more details about the configuration
possibilities.
hth,
Sandor
On Sat, Jul 4, 2009 at 12:48 PM, Sandor Geller<sandorg at morganstanley.com> wrote:
> Hi,
>
> Local means that the host syslog-ng is running on has the IP address
> configured on one of the network interfaces. Apps can bind only to
> 0.0.0.0 or to local IP addresses, not to remote addresses. I think
> you're after filtering based on the remote host's IP address, not
> binding to the IP address.
>
> Regards,
>
> Sandor
>
> 2009/7/4 Reaky Rok <reakyrok at hotmail.com>:
>> Dear What u mean of local IP ? DO u mean It's in the same subbnet ? Any way
>> IT's routed IP not in the same subnet of the syslog server,
>> But any way what the right option to filter the requests fom this IP only
>> ???
>>
>>
>>> From: bazsi at balabit.hu
>>> To: syslog-ng at lists.balabit.hu
>>> Date: Fri, 3 Jul 2009 15:57:08 +0200
>>> Subject: Re: [syslog-ng] Send a specific log by email
>>>
>>> On Thu, 2009-07-02 at 11:34 +0300, Reaky Rok wrote:
>>> > I modefied it and it gave me the following result after restarting :
>>> >
>>> > Error binding socket; addr='AF_INET(163.121.189.131:514)',
>>> > error='Cannot assign requested address (99)'
>>> > Error initializing source driver; source='s_remote', id='s_remote#0'
>>> > Error initializing message pipeline;
>>> > [FAILED]
>>> >
>>> > I s it possible that this's becuese I used the same source name in the
>>> > first part of configuration ?
>>> >
>>>
>>> Is 163.121.189.131 a local IP address? The ip() option of source drivers
>>> specify the bind address, not the address to accept messages from.
>>>
>>> --
>>> Bazs i
>>>
>>>
>>>
>>> ______________________________________________________________________________
>>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>>> Documentation:
>>> http://www.balabit.com/support/documentation/?product=syslog-ng
>>> FAQ: http://www.campin.net/syslog-ng/faq.html
>>>
>>
>> ________________________________
>> Windows Live™: Keep your life in sync. Check it out!
>> ______________________________________________________________________________
>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Documentation:
>> http://www.balabit.com/support/documentation/?product=syslog-ng
>> FAQ: http://www.campin.net/syslog-ng/faq.html
>>
>>
>>
>
More information about the syslog-ng
mailing list