on 2005-11-27 16:09 Abhay Kedia wrote the following: > Can some one please give me any links where I can read about how to easily > configure syslog-ng.conf and achieve what I desire. If you could give exact > entries then I would be more than greatful.
I do iptables with --log-prefix "{fw}"
and in my syslog-ng.conf
<snip>
source s_kern { pipe("/proc/kmsg"); };
destination d_kernel { file("/var/log/kernel.log"); };
destination d_firewall { file("/var/log/firewall.log"); };
filter f_firewall { match('\{fw\}'); };
filter f_notfirewall { not match('\{fw\}'); };
# log kernel messages
log { source(s_kern); filter(f_kern); filter(f_notfirewall);
destination(d_kernel); };
# firewall messages
log { source(s_kern); filter(f_firewall);
destination(d_firewall); };
</snip>
Cheers
Tobias
--
GPG-Key 0xEF37FF28 - 1024/4096 DSA/ELG-E - 16.11.2001
Fingerprint: 3C4B 155F 2621 CEAF D3A6 0CCB 937C 9597 EF37 FF28
signature.asc
Description: OpenPGP digital signature
