[syslog-ng] exclude pattern from logging
fRANz
andrea.francesconi at gmail.com
Fri Sep 26 08:38:24 CEST 2014
On Thu, Sep 25, 2014 at 11:31 AM, Pál, László <vlad at vlad.hu> wrote:
> You need both logpath. One is filtering out and other collecting remaining.
> Also the order of log statement is important
Vlad,
thank you for your reply.
I followed your tips but syslog-ng still logging...
What I miss in the config?
The actual is:
# cat /etc/syslog-ng/syslog-ng.conf
@version:3.2
options { check_hostname(yes);
keep_hostname(yes);
stats_freq(0);
chain_hostnames(no); };
source inputs { internal();
unix-stream("/dev/log");
udp();
tcp(max_connections(100)); };
destination logpile {
file("/logs/$HOST/$YEAR/$MONTH/$DAY/$FACILITY"
owner(root) group(root) perm(0600)
create_dirs(yes) dir_perm(0700)); };
filter vmware_filter { match("Section for VMware ESX" value ("MESSAGE")); };
log { source(inputs); filter(vmware_filter); flags(final); };
log { source(inputs); destination(logpile); };
Thanks,
-f
More information about the syslog-ng
mailing list