[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] ReSolved: One of BTwo syslog-ng questions

Subject: [ale] ReSolved: **One of ** BTwo syslog-ng questions
From: johnmills at speakeasy.net (John Mills)
Date: Tue, 8 Jun 2010 11:05:24 -0400 (EDT)
In-reply-to: <[email protected]>
References: <[email protected]>

On Mon, 7 Jun 2010, John Mills wrote:

> I use 'syslog-ng' to capture and separate log messages sent to a central
> server from several "systems under test". I defined a 'source' for
> incoming syslog traffic:

> filter f_mybaby { host("<hostname>"); };
> filter f_notmybaby { not host("<hostname>"); };

>  How can I do the screening on IP instead of <hostname>?

In '/etc/syslog-ng/syslog-ng.conf' I added the startup option: 
'use_dns(off)'. Incoming traffic will be logged by IP. This setting is 
global so it will apply to all logs.

'syslog-ng/syslog-ng.conf':
options { long_hostnames(off); sync(0); perm(0640); stats(3600); 
use_dns(off); };

I then updated my filters with the IP of interest.

  - Mills

References:
- [ale] Two syslog-ng questions
  - From: johnmills at speakeasy.net (John Mills)

Prev by Date: [ale] tty1 vs tty2,3,4,etc
Next by Date: [ale] screen recorder with video for ubuntu
Previous by thread: [ale] Two syslog-ng questions
Next by thread: [ale] Ale Digest, Vol 29, Issue 37
Index(es):
- Date
- Thread

[ale] ReSolved: **One of ** BTwo syslog-ng questions

[ale] ReSolved: One of BTwo syslog-ng questions