Talk:Syslog-ng

From ArchWiki
Revision as of 21:39, 8 February 2011 by Tojaj (Talk | contribs) (Is match() example right?: new section)

Jump to: navigation, search

after the example syslog-ng.conf, and aside from the timestamps and remote loghost tips, most of this article has been adapted from the gentoo wiki page for syslog-ng.conf .. FYI

So yes it needs updating for arch please

AskApache 22:19, 14 September 2010 (EDT)

Is match() example right?

The example:

 filter f_failed { match("regex" value("failed")); };

is in my opinion bad.

List of supported values in value() should be: "HOST", "HOST_FROM", "MESSAGE", "PROGRAM", "PID", "MSGID" and "SOURCE".

More info: https://lists.balabit.hu/pipermail/syslog-ng/2009-April/012789.html

Better example could be:

 filter f_grsecurity { match("^grsec" value("MESSAGE")); };

This is real/working example from my syslog-ng config.