On 12/15/2012 12:01 AM, mindman101 wrote: > > Hello list! > > Does anyone know how to send an event to syslog-ng under sec rules? > > I mean, something like: > > action: send_syslog(facility, level, event) > > Thanks for your support.
In the 2.7.1 version, one efficient way for this is communicating directly with the /dev/log socket. This is useful if you want to issue events with different tags (program names), since standard openlog(3) and syslog(3) calls do not allow for changing the syslog tag. There is an updated example on this topic in the SEC rule repository: http://simple-evcorr.sourceforge.net/rulesets/syslog-custom.sec This example also illustrates how to encapsulate your own code into a custom Perl module, instead of writing the code directly into SEC rules. kind regards, risto > > > > > ------------------------------------------------------------------------------ > LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial > Remotely access PCs and mobile devices and provide instant support > Improve your efficiency, and focus on delivering more value-add services > Discover what IT Professionals Know. Rescue delivers > http://p.sf.net/sfu/logmein_12329d2d > > > > _______________________________________________ > Simple-evcorr-users mailing list > Simple-evcorr-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/simple-evcorr-users ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_mar _______________________________________________ Simple-evcorr-users mailing list Simple-evcorr-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/simple-evcorr-users
