on 2005-11-27 16:09 Abhay Kedia wrote the following:
> Can someone please give me any links where I can read about how to easily
> configure syslog-ng.conf and achieve what I desire. If you could give exact
> entries then I would be more than grateful.

I do iptables with --log-prefix "{fw}"
and in my syslog-ng.conf
<snip>
source s_kern { pipe("/proc/kmsg"); };

destination d_kernel { file("/var/log/kernel.log"); };
destination d_firewall { file("/var/log/firewall.log"); };

filter f_firewall { match('\{fw\}'); };
filter f_notfirewall { not match('\{fw\}'); };

# log kernel messages
log { source(s_kern); filter(f_kern); filter(f_notfirewall);
destination(d_kernel); };
# firewall messages
log { source(s_kern); filter(f_firewall);
destination(d_firewall); };
</snip>

Cheers
Tobias

--
GPG-Key 0xEF37FF28 - 1024/4096 DSA/ELG-E - 16.11.2001
Fingerprint: 3C4B 155F 2621 CEAF D3A6 0CCB 937C 9597 EF37 FF28
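
A self-contained variant of the configuration in the reply above, as an added example that is not part of the original post. It goes slightly beyond the post: the f_kern definition (referenced in the post but not shown) and the INPUT chain in the iptables comment are assumptions, and flags(final) on the firewall log statement is used in place of the negated f_notfirewall filter.

```conf
# Added example. Source, destinations, paths and the "{fw}" prefix follow the post.
#
# Matching iptables rule (the INPUT chain is an assumption; --log-prefix
# accepts at most 29 characters and is written directly in front of "IN=..."):
#   iptables -A INPUT -j LOG --log-prefix "{fw}"

source s_kern { pipe("/proc/kmsg"); };

destination d_kernel   { file("/var/log/kernel.log"); };
destination d_firewall { file("/var/log/firewall.log"); };

# Assumed definition: the post uses f_kern without showing it.
filter f_kern     { facility(kern); };

# Same pattern as in the post. On syslog-ng 3.x, message('\{fw\}') limits the
# match to the message text instead of also covering the headers.
filter f_firewall { match('\{fw\}'); };

# Firewall messages first. flags(final) stops a matching message from being
# processed by the log statements that follow, so kernel.log stays free of
# "{fw}" lines without a second, negated filter.
log { source(s_kern); filter(f_firewall); destination(d_firewall); flags(final); };

# Remaining kernel messages.
log { source(s_kern); filter(f_kern); destination(d_kernel); };
```

Order matters with flags(final): the firewall log statement has to appear before the general kernel one, otherwise firewall lines are written to both files.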