[syslog-ng] Logs sent to wrong destination
Renato Bezerra
renatobamorim at gmail.com
Thu Jul 17 21:09:26 CEST 2014
Hi,
I'm using syslog-ng in a long time, but recently i noted that, in some
cases, the log has sent to a wrong destination.
I have many devices sending logs to my host, the problem appears when the
server receive webservers logs, they are delivered to a different
destination and I don't known how.
here is the configuration:
destination apache {
file("/var/log/webserver/$R_YEAR-$R_MONTH-$R_DAY-$R_HOUR"
owner(ll)
group(ll)
perm(0644)
dir_perm(0755)
create_dirs(yes));
};
filter f_apache {
(
host("xxx.xxx.xxx.82") or
host("xxx.xxx.xxx.137")
);
};
log {
source(aaa);
filter(f_apache);
destination(apache);
};
The ip address xxx.xxx.xxx.137 send a duplicate log event to another
directory, without any other configuration.
Have you seen this?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20140717/859e7395/attachment.htm
More information about the syslog-ng
mailing list