Hi list,
i''ve installed syslog-ng in replacement of the old syslog but
can''t
get the log logged to /var/log/shorewall/warn.log, etc...
here are my settings in the syslog-ng.conf :
destination d_shorewall_warn
{
file ("/var/log/shorewall/warn.log"
owner(root)
group(root)
);
};
destination d_shorewall_info
{
file ("/var/log/shorewall/info.log"
owner(root)
group(root)
);
};
filter f_shorewall_warn
{
level (warn) and match ("Shorewall");
};
filter f_shorewall_info
{
level (info) and match ("Shorewall");
};
log
{
source (s_all);
filter (f_shorewall_warn);
destination (d_shorewall_warn);
};
log
{
source (s_all);
filter (f_shorewall_info);
destination (d_shorewall_info);
};
The /var/log/shorewall/warn and info.log have the root:root 644
permissions.
At now everything is logged in /var/log/messages.
What did i wrong ?
best regards
mess-mate
--
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net''s Techsay panel and you''ll get the chance
to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
On 3/23/07, mess-mate <mess-mate@wanadoo.fr> wrote:> Hi list, > i''ve installed syslog-ng in replacement of the old syslog but can''t > get the log logged to /var/log/shorewall/warn.log, etc... > > here are my settings in the syslog-ng.conf : > destination d_shorewall_warn > { > file ("/var/log/shorewall/warn.log" > owner(root) > group(root) > ); > }; > > destination d_shorewall_info > { > file ("/var/log/shorewall/info.log" > owner(root) > group(root) > ); > }; > > filter f_shorewall_warn > { > level (warn) and match ("Shorewall"); > }; > > filter f_shorewall_info > { > level (info) and match ("Shorewall"); > }; > > log > { > source (s_all); > filter (f_shorewall_warn); > destination (d_shorewall_warn); > }; > > log > { > source (s_all); > filter (f_shorewall_info); > destination (d_shorewall_info); > }; > > The /var/log/shorewall/warn and info.log have the root:root 644 > permissions. > > At now everything is logged in /var/log/messages. > What did i wrong ?Not sure, seems to be the same as my config, except that I don''t filter for warn/info. My only difference is that I have a "flags(final);" in my log statement, because I don''t want the messages to appear in my shorewall log and in messages. ~David ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
mess-mate wrote:> > At now everything is logged in /var/log/messages.Are you complaining that Shorewall messages are logged in one of your Shorewall logs *and* in /var/log/messages or are you complaining that they are logged in /var/log/messages but *not* in the Shorewall logs? In either event, I''ve attached a syslog-ng.conf that works -- you can use it as an example. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Tom Eastep <teastep@shorewall.net> wrote: | mess-mate wrote: | | > | > At now everything is logged in /var/log/messages. | | Are you complaining that Shorewall messages are logged in one of your | Shorewall logs *and* in /var/log/messages or are you complaining that they | are logged in /var/log/messages but *not* in the Shorewall logs? | | In either event, I''ve attached a syslog-ng.conf that works -- you can use it | as an example. | | -Tom | -- Thanks, your syslog-ng.conf putted me on the right way. It works now and a ''not match'' did the trick to not logging to /var/log/messages. best regards mess-mate -- ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV