[ale] ReSolved: **One of ** BTwo syslog-ng questions
John Mills
johnmills at speakeasy.net
Tue Jun 8 11:05:24 EDT 2010
On Mon, 7 Jun 2010, John Mills wrote:
> I use 'syslog-ng' to capture and separate log messages sent to a central
> server from several "systems under test". I defined a 'source' for
> incoming syslog traffic:
> filter f_mybaby { host("<hostname>"); };
> filter f_notmybaby { not host("<hostname>"); };
> How can I do the screening on IP instead of <hostname>?
In '/etc/syslog-ng/syslog-ng.conf' I added the startup option:
'use_dns(off)'. Incoming traffic will be logged by IP. This setting is
global so it will apply to all logs.
'syslog-ng/syslog-ng.conf':
options { long_hostnames(off); sync(0); perm(0640); stats(3600);
use_dns(off); };
I then updated my filters with the IP of interest.
- Mills
More information about the Ale
mailing list