Log Definition

log { source(src); filter(f_iptables); destination(firewall); };

For any log entry you want to make, you need to specify the logging source (in this case /dev/log and /var/lib/ntp/dev/log), the filter (anything from the kernel that contains either IN= or OUT=), and the destination (in this case the file /var/log/firewall).
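To check which messages this log statement would deliver to /var/log/firewall, the following added example (not part of the original text, and not syslog-ng's own code) models the log path in Python over constructed syslog lines. It assumes each line carries the standard <PRI> prefix and that f_iptables is a kernel-facility check combined with a substring match on IN= or OUT=, as described above; the function names are illustrative.

```python
import re

KERN = 0  # syslog facility code for kernel messages
PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.S)

def parse(raw):
    """Split a raw syslog line into (facility, severity, message), or None."""
    m = PRI_RE.match(raw)
    if not m or int(m.group(1)) > 191:  # highest valid PRI is 23*8+7
        return None
    pri = int(m.group(1))
    return pri >> 3, pri & 7, m.group(2)

def f_iptables(facility, message):
    """Assumed filter body: kernel facility and a message containing IN= or OUT=."""
    return facility == KERN and ("IN=" in message or "OUT=" in message)

def route(lines):
    """Model of: log { source(src); filter(f_iptables); destination(firewall); };"""
    firewall = []  # stands in for /var/log/firewall
    for raw in lines:
        parsed = parse(raw)
        if parsed is None:
            continue  # no usable <PRI>: this model drops the line
        facility, _severity, message = parsed
        if f_iptables(facility, message):
            firewall.append(message)
    return firewall

# Constructed sample input (documentation-range addresses), not real log data.
SAMPLE = [
    "<4>kernel: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP DPT=22",
    "<6>kernel: eth0: link up",            # kern.info without IN=/OUT=
    "<13>logger: note about IN=eth0",      # user.notice that mentions IN=
    "<38>sshd[812]: Failed password for root from 192.0.2.10",  # auth.info
    "kernel: OUT=eth0 line without PRI",   # malformed
]

if __name__ == "__main__":
    for entry in route(SAMPLE):
        print("firewall <-", entry)
```

Only the first sample line reaches the firewall destination: the facility test keeps out the user-space message that merely mentions IN=, and the substring test keeps out unrelated kernel messages.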

You should now have enough information to set up simple syslog-ng rules and to understand why and where you would use syslog-ng for its more granular control compared to what syslog offers. As you can likely see, you can ultimately do powerful things with syslog-ng by combining network sources with complicated filters.

