Hello,
I want to take actions when specific logs appear but still want to log
them in a file (for further inspection). But "!!prog" does not work as I
would expect. I've tested on 7.1 and 7.2/snapshots.
When using '!!', only the first action is applied. I configured
syslog.conf this way:
!!sshd
*.* /var/log/sshd
*.* |/home/jca/Téléchargements/sshd_alert
!*
In this configuration, only logging to the file works.
If I configure :
!!sshd
#*.* /var/log/sshd
*.* |/home/jca/Téléchargements/sshd_alert
!*
then the pipe works and the script runs ok.
The manpage says: "!!prog causes the subsequent block to abort
evaluation when a message matches, ensuring that only a single set of
actions is taken." As it says "set of actions", I expected my
configuration to work.
Is it possible to take several actions inside a !!prog block?
Thank you,
Joel C.
No comments:
Post a Comment