};
source s_sys {
- pipe ("/proc/kmsg" program_override("kernel"));
+ file ("/proc/kmsg" program_override("kernel"));
unix-stream("/dev/log" max-connections(1000));
internal();
};
filter f_freshclam { program(freshclam); };
filter f_ppp { program(pppd) or program(chat); };
filter f_postgres { program(postgres); };
-filter f_iptables { match("IN=[A-Za-z0-9\.]* OUT=[A-Za-z0-9\.]*"); };
+filter f_iptables { match("IN=[A-Za-z0-9\.]* OUT=[A-Za-z0-9\.]*" value("MESSAGE")); };
log { source(s_sys); filter(f_authpriv); destination(d_authlog); };
log { source(s_sys); filter(f_cron); destination(d_cron); };