[syslog-ng] patterndb and intrusion prevention
Florian Schaal
mailinglist at schaal-24.de
Thu Aug 29 07:52:44 CEST 2013
Am 28.08.2013 21:44, schrieb Valentijn Sessink:
> Hi Florian,
>
> Thank you for your explanation. You are using the "program" destination,
> which works fine. The problem I am experiencing only shows up when using
> "file" output, as there seems to be a problem with lseek in combination
> with the proc filesystem.
>
It seems that i picked up the wrong email so my post is not on the list.
This might be the relevant part:
BTW currently i´m using a simple shell-script to put the up in the jail
so i can do something more with the ip (whitelist etc.) - but for me it
works also as a simple file-destination.
I´ve change the destination from program to file and it works without
any problems. But i prefer to use a shell-script for handle ip-adresses
with xt_recent to have someting like "store in a database" and "whitelists".
regards
Florian
More information about the syslog-ng
mailing list