"Dan Egli" <d...@newideatest.site>, 08.04.2021, 20:15:
> I'm afraid that didn't work either. I did as you said, and changed the
> syslog filter line to read: filter syslog { not filter(sshd) and not filter
> (samba); }; which would match the previous lines (see URL below). I still see
> sshd messages in /var/log/messages when I ssh into the machine. I'm totally
> lost. I've posted relevant files for everyone to see. All are updated in real
> time becuase they are either symlinks to the actual files, or are the target
> of a redirection directly:
> https://www.newideatest.site/syslog-conf = /etc/syslog-ng/syslog-ng.conf
Is the filter definition correct?
filter sshd { program("ssdhd"); };
^ ???
s.
> https://www.newideatest.site/syslog-out = output of syslog-ng -Fdav
> https://www.newideatest.site/system_log = /var/log/messages
> Any further ideas are most welcome.
