[syslog-ng] Filter netmask not working as expected
Agus
agus.262 at gmail.com
Mon Nov 19 00:31:19 CET 2012
Hi guys,
Just new, and created the following conf for testing purposes. The problem
is that i get the logs in both destinations despite the filter.
@version: 3.4
@include "scl.conf"
options {
keep_hostname(yes);
normalize_hostnames(yes);
threaded(yes);
ts_format(iso); # Adds TZ
#use_fqdn(yes);
use_dns(no);
};
source s_local {
system();
internal();
};
source s_network {
udp();
};
destination d_local {
file("/var/log/messages");
};
destination d_my_mac {
file("/var/log/mymac");
};
filter f_my_mac {
netmask(10.24.18.2/255.255.255.255);
};
log {
source(s_network);
filter(f_my_mac);
destination(d_my_mac);
flags(final);
};
log {
source(s_local);
# uncomment this line to open port 514 to receive messages
source(s_network);
#destination(d_central_udp);
destination(d_local);
};
as netmask i also tried cidr /24 and same thing. The problem is that i get
the logs in both destinations. I only want to have them in my_mac
Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20121118/75e290f7/attachment.htm
More information about the syslog-ng
mailing list