[syslog-ng] Simple config question
Jakub Jankowski
shasta at toxcorp.com
Thu Nov 3 22:33:08 CET 2011
On 2011-11-03, Miguel Alvarez wrote:
>> Well, something similar is possible with syslog-ng aswell: (beware,
>> completely untested, there might be typos!)
[...]
>> source s_snort_alert {
>> file("/var/log/snort/alert");
>> tag("snort");
>> };
[...]
>> [1]: http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.2-guides/syslog-ng-ose-v3.2-guide-admin-en.html/bk01-toc.html
>
> Wow, thank you so much! That actually looks pretty straight forward.
>
> I initially had syslog-ng 3.2.4 installed but it was complaining about
> the "source plugin tag not found". I thought this was perhaps due to
> it not being 3.3 so I built and installed 3.3.1 but am still seeing
> it. Is there something I'm missing from my build or not loading in my
> config?
It's a typo in Gergely's example. It's "tags", not "tag" :) See the
docs[2]
[2] http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.2-guides/syslog-ng-ose-v3.2-guide-admin-en.html/reference_source_file.html
HTH
--
Jakub Jankowski|shasta at toxcorp.com|http://toxcorp.com/
GPG: FCBF F03D 9ADB B768 8B92 BB52 0341 9037 A875 942D
More information about the syslog-ng
mailing list