[syslog-ng] Log only one host
tokie at tiscali.it
tokie at tiscali.it
Tue Dec 13 15:39:47 CET 2011
As you can see the device gives a valid syslog header.
Destination of
Firewall in fw.log:
# tailf fw.log
Dec 13 13:58:47 192.168.1.254/192.
168.1.254 Fw-Vigor2955: 149:13:59.970 lan->wan @S:R=13:1 p
192.168.1.8,19679 -> 82.200.234.214,33244 PR UDP len 20 131
Destination of Access Point .241 in ap241.log:
# tailf ap241.log
Dec 13
13:58:47 192.168.1.254/192.168.1.254 Fw-Vigor2955: 149:13:59.770 lan-
>wan @S:R=13:1 p 192.168.1.8,19679 -> 94.244.30.85,63708 PR UDP len
20 131
It writes the same thing!!
My configuration is the following:
source udp {
udp();
};
destination d_fw {
file("/**/**/fw.log"
create_dirs(yes) fsync(yes));
};
filter f_fw {
netmask
("192.168.1.254/32"); ##try to log one host
};
log {
source(udp);
destination(d_fw);
filter(f_fw);
};
Therefore, how I do??
Thanks
Tokie
E' nata indoona: chiama, videochiama e messaggia Gratis. Scarica indoona per iPhone, Android e PC: http://www.indoona.com/
More information about the syslog-ng
mailing list