hello i found a syslog.conf manual on the net--to whatever syslogd package that may fit--that describes filters for 'programs' and 'hostnames', like:
# Save ftpd transactions along with mail and news !ftpd *.* /var/log/spoolerr # Save forwards from hostname +hostname *.* /var/log/hostname to better settle this feature into the given syntax, one could turn the program and hostname identifiers into facilities, like: &ftpd.warning # log ftpd warnings and higher to XXX @foo.warning # log warnings and higher from foo to XXX because there may be many progs and hosts, a group identifier (an alias) would be nice, like: $inetd-daemons &ftpd,&telnetd,... # alias the inetd daemons inetd-daemons.warning # log warnings and higher from the # progs aliased with 'inetd-daemons' this could also be used to alias facilities and levels: $danger =crit,=err $most *,!auth,!authpriv most.danger '/var/log/_alert_!!!' !most.danger '/var/log/urgent' the above also shows an alternative writing for .none, widening the usage. what do you think? MeloDramus <melodra...@online.de>