Date: Wed, 17 May 2000 19:36:46 +0200
This double logging may be either caused by having defined two rules =
log to the same log file (but you said that you have defined only one =
right?) or the syslog sender is sending every message twice. If =
use a sniffer (like MS Network Monitor) to capture the syslog traffic
(destination port: UDP/514) and analyze it.
"Paul Trivino" <email@example.com> wrote in message
> Hi! We're trying to evaluate SL4NT V2.0. All I've done so far is
> logging to my SL4NT system, with a basic Action of "Log to File" =
> a Rule that says Src Addr of 10.9.1.1, any level, do above Rule. Just =
> basic capture to see how this works. However, when I create a log =
> get 2 copies of the message in the log file!!
> This certainly might be a device-specific thing - I'm trying to do
> syslog on a Nortel Accelar 1100 switch. I'll try another device as =
> but have you seen this behavior before?
> Paul Trivino
> Alaris Medical Systems, Inc.