Forum Discussion
Stefan_Klotz
Jul 18, 2011Cumulonimbus
It seems to work now. I can at least see the outgoing message in the tcpdump. Waiting now for confirmation from the customer.
I removed the remote syslog server config ('b syslog remote server none') and then I could successfully restart the syslog-ng deamon.
But I'm still wondering, because I thought I tried exactly this configuration before and it was not working.
My syslog config is now:
syslog {
authpriv from notice
authpriv to emerg
cron from warning
cron to emerg
daemon from notice
daemon to emerg
include "
destination remote_server {
udp6(\"2620:0000:0C10:F501:0000:0002:8883:EC0F\" port (514));
};
filter f_local0 {
facility(local0) and not match(\": Access from:\");
};
filter f_local0_accesslog {
facility(local0) and match(\": Access from:\");
};
log {
source(local);
filter(f_local0_accesslog);
destination(remote_server);
};
"
kern from notice
kern to emerg
mail from notice
mail to emerg
messages from notice
messages to warning
userlog from notice
userlog to emerg
remote server none
}
Ciao Stefan :)