Logsurfer configuration
Hello
Im trying to configure Logsurfer and im a bit confused of the context thingy. I start logsurfer with the following command: logsurfer -c conf /var/log/auth.log And it tells me: [HTML] unknown default action: rule before "sshd\\[$2\\]:" - - - 0 exec "/bin/echo $0" unknown default action: rule before "sshd\\[$2\\]:" - - - 0 exec "/bin/echo $0" unknown default action: rule before "sshd\\[$2\\]:" - - - 0 exec "/bin/echo $0" [/HTML] And my conf file says: [HTML] "CRON" - - - 0 ignore 'sshd\[([0-9]*)\]: Illegal' - - - 0 open "sshd\\[$2\\]:" - 5000 1800 600 rule before "sshd\\[$2\\]:" - - - 0 exec "/bin/echo $0" ".*" - - - 0 ignore [/HTML] Isnt the context default action syntax right? I guess not.. The thing im trying to do is get all messages printed from each context. Ill appreciate any help very much. |
All times are GMT -5. The time now is 10:22 AM. |