| 1 |
on 2005-11-27 16:09 Abhay Kedia wrote the following: |
| 2 |
> Can some one please give me any links where I can read about how to easily |
| 3 |
> configure syslog-ng.conf and achieve what I desire. If you could give exact |
| 4 |
> entries then I would be more than greatful. |
| 5 |
|
| 6 |
I do iptables with --log-prefix "{fw}" |
| 7 |
and in my syslog-ng.conf |
| 8 |
<snip> |
| 9 |
source s_kern { pipe("/proc/kmsg"); }; |
| 10 |
|
| 11 |
destination d_kernel { file("/var/log/kernel.log"); }; |
| 12 |
destination d_firewall { file("/var/log/firewall.log"); }; |
| 13 |
|
| 14 |
filter f_firewall { match('\{fw\}'); }; |
| 15 |
filter f_notfirewall { not match('\{fw\}'); }; |
| 16 |
|
| 17 |
# log kernel messages |
| 18 |
log { source(s_kern); filter(f_kern); filter(f_notfirewall); |
| 19 |
destination(d_kernel); }; |
| 20 |
# firewall messages |
| 21 |
log { source(s_kern); filter(f_firewall); |
| 22 |
destination(d_firewall); }; |
| 23 |
</snip> |
| 24 |
|
| 25 |
Cheers |
| 26 |
Tobias |
| 27 |
|
| 28 |
-- |
| 29 |
GPG-Key 0xEF37FF28 - 1024/4096 DSA/ELG-E - 16.11.2001 |
| 30 |
Fingerprint: 3C4B 155F 2621 CEAF D3A6 0CCB 937C 9597 EF37 FF28 |
Archives