[syslog-ng] Problems writing to files with different templates/ownership in 3.x

[Brian De Wolf]

Hello,

I'm using syslog-ng as a remote syslog server for several of our
internal groups.  As such, when a syslog arrives, I use the source
address to determine the ownership of the log file. Here is how I'm
currently doing this:

	source net { udp(ip(0.0.0.0), port(514) flags(no-multi-line)); };

	filter examplefilter  { netmask("10.0.0.0/255.255.0.0"); };
	filter example2filter { netmask("192.168.0.0/255.255.0.0"); };

	destination examplelog  { file("/var/log/remote/$HOST.log" group(examplegroup)); };
	destination example2log { file("/var/log/remote/$HOST.log" group(example2group)); };

	log { source(net); filter(examplefilter); destination(examplelog); flags(final); };
	log { source(net); filter(example2filter); destination(example2log); flags(final); };

This worked fine in 1.6.x and appears to work fine in 3.2.x, but when
logrotate pokes syslog-ng I get lines like this:

	syslog-ng: Internal error, duplicate configuration elements refer to the same persistent config; name='affile_dd_writers(/var/log/remote/$HOST.log)'

Is there a better way to do this which only produces one reference to
"/var/log/remote/$HOST.log"?

Also, I'm using a similar set of filters and destinations to apply
different templates to text that is being written to a single file.
This also produces the error, but I am more concerned that the combined
file might experience issues if the config isn't supposed to have
multiple destinations be the same location.  Is there a way to use
filters to apply templates while still only having one destination
defined?  Could my current setup result in lost log lines?

Thanks,
Brian