[syslog-ng] problem to filter remote-logs on syslog-server

[system at ra-schaal.de]

I try to filter with syslog ng 3.2.4 log files from another server to
local files.

The syslog-server receives all log entries from the remote-server.

If i let syslog-server write over "SOURCE network", the log is provided.
But the integration in src local does not fold however.


I.e on syslog-server this works:
log { source(network); destination(foo); };

but
log { source(src); filter (f_foo); destination (d_foo) };

doesn´t contains any entries from the remote server.


remote-server-config:
options {
        chain_hostnames(no);
        create_dirs(yes);
        dns_cache(yes);
        flush_lines(1);
        keep_hostname(yes);
        log_fifo_size(16384);
        log_msg_size(8192);
        long_hostnames(off);
        perm(0640);
        stats_freq(43200);
        time_reopen(10);
        use_dns(yes);
        use_fqdn(yes);
};

destination remote { udp("syslog-server" port(514)); };

log { source(src); destination(remote); };


syslog-server-config:
options as on the remote-server
source src {internal();
            udp(port(514));
            unix-dgram("/dev/log");
            unix-dgram("/var/lib/named/dev/log");
           };
source network { udp(port(514)); };