I don't want to discuss about this, for me it is a waste of time.
Here is the details of the syslog-ng thread x-D
I found the solution few days ago in the pfsense boards/forum, before I
sent the email to mailing list.
I modified the code to include the proper configuration for my
environment and it is pending from systems team, they need to configure
the servers.
In the meantime I asked for more templates to have other points of view
and maybe collect some ideas (filters, modifications in the internal
syslog-ng...). Nothing else.
So, that is the reason because my question was no too accurated, and
that is the reason because -IMHO- your answer was out of context.
None of my comments regarding this thread -except this one- are out
context, I asked for something and someone replied me (it was a correct
answer but not as accurated as I needed), and I replied again, as easy
as that. The email I sent saying that I was looking for more specific
was a comment, sorry if that email disturbs you.
Your emails don't have any value for me. No one replied me with a proper
template (as I wanted) and I don't blame anyone because of that, I know
that the people here is replying under best-effort rules. If I don't
obtain any reply it is ok for me too.
So, for the rest of this thread, if there are new messages I would like
to see something related to syslog-ng and my initial question and my
comment.
Here is the code if you have any technical comments to do, if not, have
a good day :D:
source pf-fw1 { udp(p(10.10.10.242) port(514)); };
destination pf-d_kern
{ file("/var/log/network/fw1/$YEAR/$MONTH/$DAY/kernel"); };
destination pf-d_mesg
{ file("/var/log/network/fw1/$YEAR/$MONTH/$DAY/messages"); };
destination pf-d_auth
{ file("/var/log/network/fw1/$YEAR/$MONTH/$DAY/secure"); };
destination pf-d_mail
{ file("/var/log/network/fw1/$YEAR/$MONTH/$DAY/maillog"); };
destination pf-d_uucp
{ file("/var/log/network/fw1/$YEAR/$MONTH/$DAY/spooler"); };
destination pf-d_boot
{ file("/var/log/network/fw1/$YEAR/$MONTH/$DAY/boot.log"); };
destination pf-d_emerg
{ file("/var/log/network/fw1/$YEAR/$MONTH/$DAY/emerg.log"); };
destination pf-d_sshd
{ file("/var/log/network/fw1/$YEAR/$MONTH/$DAY/sshd.log"); };
destination pf-d_pptpd
{ file("/var/log/network/fw1/$YEAR/$MONTH/$DAY/pptpd.log"); };
destination pf-d_daemon
{ file("/var/log/network/fw1/$YEAR/$MONTH/$DAY/daemon.log"); };
destination pf-d_firewall
{ file("/var/log/network/fw1/$YEAR/$MONTH/$DAY/firewall.log"); };
filter pf-f_kern { facility(kern); };
filter pf-f_mesg { level(info) and not
facility(mail,authpriv,kern,local7); };
filter pf-f_auth { facility(authpriv); };
filter pf-f_mail { facility(mail); };
filter pf-f_uucp { facility(uucp); };
filter pf-f_boot { facility(local7); };
filter pf-f_emerg { level(emerg); };
filter pf-f_sshd { program("sshd"); };
filter pf-f_pptpd { match("pptpd"); };
filter pf-f_daemon { facility(daemon); };
filter pf-f_firewall { level(debug); };
log { source(pf-fw1); filter(pf-f_kern); destination(pf-d_kern); };
log { source(pf-fw1); filter(pf-f_mesg); destination(pf-d_mesg); };
log { source(pf-fw1); filter(pf-f_auth); destination(pf-d_auth); };
log { source(pf-fw1); filter(pf-f_mail); destination(pf-d_mail); };
log { source(pf-fw1); filter(pf-f_uucp); destination(pf-d_uucp); };
log { source(pf-fw1); filter(pf-f_boot); destination(pf-d_boot); };
log { source(pf-fw1); filter(pf-f_emerg); destination(pf-d_emerg); };
log { source(pf-fw1); filter(pf-f_sshd); destination(pf-d_sshd); };
log { source(pf-fw1); filter(pf-f_pptpd); destination(pf-d_pptpd); };
log { source(pf-fw1); filter(pf-f_daemon); destination(pf-d_daemon); };
log { source(pf-fw1); filter(pf-f_firewall);
destination(pf-d_firewall); };
source pf-fw2 { udp(p(10.10.10.243) port(514)); };
destination pf-d_kern
{ file("/var/log/network/fw2/$YEAR/$MONTH/$DAY/kernel"); };
destination pf-d_mesg
{ file("/var/log/network/fw2/$YEAR/$MONTH/$DAY/messages"); };
destination pf-d_auth
{ file("/var/log/network/fw2/$YEAR/$MONTH/$DAY/secure"); };
destination pf-d_mail
{ file("/var/log/network/fw2/$YEAR/$MONTH/$DAY/maillog"); };
destination pf-d_uucp
{ file("/var/log/network/fw2/$YEAR/$MONTH/$DAY/spooler"); };
destination pf-d_boot
{ file("/var/log/network/fw2/$YEAR/$MONTH/$DAY/boot.log"); };
destination pf-d_emerg
{ file("/var/log/network/fw2/$YEAR/$MONTH/$DAY/emerg.log"); };
destination pf-d_sshd
{ file("/var/log/network/fw2/$YEAR/$MONTH/$DAY/sshd.log"); };
destination pf-d_pptpd
{ file("/var/log/network/fw2/$YEAR/$MONTH/$DAY/pptpd.log"); };
destination pf-d_daemon
{ file("/var/log/network/fw2/$YEAR/$MONTH/$DAY/daemon.log"); };
destination pf-d_firewall
{ file("/var/log/network/fw2/$YEAR/$MONTH/$DAY/firewall.log"); };
filter pf-f_kern { facility(kern); };
filter pf-f_mesg { level(info) and not
facility(mail,authpriv,kern,local7); };
filter pf-f_auth { facility(authpriv); };
filter pf-f_mail { facility(mail); };
filter pf-f_uucp { facility(uucp); };
filter pf-f_boot { facility(local7); };
filter pf-f_emerg { level(emerg); };
filter pf-f_sshd { program("sshd"); };
filter pf-f_pptpd { match("pptpd"); };
filter pf-f_daemon { facility(daemon); };
filter pf-f_firewall { level(debug); };
log { source(pf-fw2); filter(pf-f_kern); destination(pf-d_kern); };
log { source(pf-fw2); filter(pf-f_mesg); destination(pf-d_mesg); };
log { source(pf-fw2); filter(pf-f_auth); destination(pf-d_auth); };
log { source(pf-fw2); filter(pf-f_mail); destination(pf-d_mail); };
log { source(pf-fw2); filter(pf-f_uucp); destination(pf-d_uucp); };
log { source(pf-fw2); filter(pf-f_boot); destination(pf-d_boot); };
log { source(pf-fw2); filter(pf-f_emerg); destination(pf-d_emerg); };
log { source(pf-fw2); filter(pf-f_sshd); destination(pf-d_sshd); };
log { source(pf-fw2); filter(pf-f_pptpd); destination(pf-d_pptpd); };
log { source(pf-fw2); filter(pf-f_daemon); destination(pf-d_daemon); };
log { source(pf-fw2); filter(pf-f_firewall);
destination(pf-d_firewall); };
El mié, 13-05-2009 a las 06:24 -0600, RB escribió:
> On Wed, May 13, 2009 at 03:02, luismi <asturlui...@gmail.com> wrote:
> > PFFFFF
>
> You do, of course, realize that 99.9% of the people that offer help on
> this list are not paid to do so and that by copping an attitude you've
> pretty much blown your chances of getting help?
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
> For additional commands, e-mail: support-h...@pfsense.com
>
> Commercial support available - https://portal.pfsense.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
