Gene Heskett wrote: >> I think it's something like: >> :hostname, isequal, "router" >> >> *.* /var/log/DD_WRT_router.log >> > I tried that, and it duplicated the host machines log to the target. :) Can you clarify? You put it as three lines like that? > So I'm now trying: > :msg, contains, "router" /var/log/dd-wrt/router.log Counter-intuitively (but seemingly confirmed by some quick testing), I don't think hostname is part of the message. I have another idea that DID appear to work (obviously I tested with my own hostname), though it didn't log as much as I expected ...</ominous>: :HOSTNAME, isequal, "router" /var/log/dd-wrt/router.log All one line, capitalized HOSTNAME. Also, just to be safe make sure /var/log/dd-wrt/router.log already exists with the same permissions (user/group/mode) as /var/log/messages before you restart rsyslogd. > If I put it on two lines, it fussed on the restart because there was a line > without an action. Right, my mistake. > Is it an absolute requirement? If not, how to stop it? You /might/ be able to disable it if you hard-coded the MAC address of every machine (including routers, firewalls, etc.) on your LAN. However, I highly advise against attempting this. Matt Flaschen -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
