[syslog-ng] sylog-ng filters not working
Christian Turner
cturner at highroads.com
Wed Aug 3 17:52:46 CEST 2016
Hi,
I have the following filter configured;
source src_devenv01 { udp(ip(0.0.0.0) port(514)); };
filter f_devenv01_04net { netmask(10.22.209.0/24); };
destination d_devenv_04net { file("/mnt/syslogng/p2alogs/DEVENV/04net-$HOST-$YEAR$MONTH$DAY.log"); };
log { source(src_devenv01); filter(f_devenv_04net); destination(d_devenv_04net); flags(final); };
However, the filter does not work, and the logs from this source all go to the generic logging destination.
I perform an strace and I can see that the IP appears as expected, so I'm figuring I have a syntax error somewhere;
[pid 28481] recvfrom(11, "<182>1 2016-08-03T10:27:50.645062-04:00 ::1 [[REDACTED]]..., 8192, 0, {sa_family=AF_INET, sin_port=htons(58785), sin_addr=inet_addr("10.22.209.10")}, [16]) = 265
Christian Turner
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20160803/64f85e06/attachment.htm
More information about the syslog-ng
mailing list