1 |
"Dan Egli" <dan@×××××××××××.site>, 08.04.2021, 20:15: |
2 |
|
3 |
> I'm afraid that didn't work either. I did as you said, and changed the syslog filter line to read: filter syslog { not filter(sshd) and not filter (samba); }; which would match the previous lines (see URL below). I still see sshd messages in /var/log/messages when I ssh into the machine. I'm totally lost. I've posted relevant files for everyone to see. All are updated in real time becuase they are either symlinks to the actual files, or are the target of a redirection directly: |
4 |
|
5 |
> https://www.newideatest.site/syslog-conf = /etc/syslog-ng/syslog-ng.conf |
6 |
|
7 |
Is the filter definition correct? |
8 |
|
9 |
filter sshd { program("ssdhd"); }; |
10 |
^ ??? |
11 |
|
12 |
s. |
13 |
|
14 |
> https://www.newideatest.site/syslog-out = output of syslog-ng -Fdav |
15 |
> https://www.newideatest.site/system_log = /var/log/messages |
16 |
|
17 |
|
18 |
> Any further ideas are most welcome. |