[syslog-ng]Maillog to be split

JulesF syslog-ng@lists.balabit.hu
Mon, 10 Jan 2005 18:32:49 +0000


Thanks Dave. I have not got a clue where to start. I'm running Postfix as
my MTA. How much more difficult would this be to set up than with Sendmail?



On 18:20:20 January 10, 2005 Dave Johnson <davejjohnson@gmail.com> wrote:
> Jules--
>
> This is going to be mta specific.  IE: depending on what your running
> and your requirements are; its possible to have one mta process accept
> and queue the mail; and another one that send/deliver the mail.  If
> this is the case; it maybe possible for the mta to have different
> syslog facilities/priorities for each of these processes.  Again; this
> is going to be mta specific.
>
> The other option is to regex out the lines your want to be seperated.
> So for example [off the top of my head-- you can try something like
> this (which I haven't tested:]  on sendmail; only logging inbound
> accepted messages and outbound attempts:
> (some errors will not be picked up on these regexes):
>
> filter f_mailin { facility (mail); match("daemon=MTA"); };
> filter f_mailout { facility (mail); match("mailer=esmtp"); };
> destination maillogin { file ("/var/log/maillog.in" perm(0644); };
> destination maillogout { file ("/var/log/maillog.out" perm(0644); };
> log { source(local); filter(f_mailin); destination(maillogin); };
> log { source(local); filter(f_mailout); destination(maillogout); };
>
>
>
> On Mon, 10 Jan 2005 17:11:07 +0000, JulesF <julesf@the4.co.uk> wrote:
> >  How would I go about splitting the maillog to show both inbound and
> >  outbound services in different files; what amenedments need to be
> >  made to syslong-ng.conf?
> >
> >  The current maillog entry:
> >
> >  destination d_mail { file("/var/log/maillog"); };
> >
> >  Thanks. J
> >
> >  _______________________________________________
> >  syslog-ng maillist  -  syslog-ng@lists.balabit.hu
> >  https://lists.balabit.hu/mailman/listinfo/syslog-ng
> >  Frequently asked questions at http://www.campin.net/syslog-ng/faq.h
> > tml
> >
> >
> _______________________________________________
> syslog-ng maillist  -  syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>