Dotaz: sshd log a syslog-ng

Uz delsi dobu se snazim syslog-ng prinutit aby mi pokusy o pripojeni k ssh serveru logoval do /var/log/auth.log.

Bohuzel se mi to stale nedari a logovani stale probiha do /var/log/messages :(.

Muzete mi nekdo poradit jak nastavit syslog-ng aby logoval pokusy o pripojeni k ssh serveru do /var/log/auth.log ?

/etc/syslog-ng/syslog-ng.conf:

options {
        chain_hostnames(off);
        sync(0);

stats(43200);
};

source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };

destination messages { file("/var/log/messages"); };
destination authlog { file("/var/log/auth.log"); };


#Filters
filter f_sshd           { match("sshd"); };
filter f_auth           { facility(auth); };
filter f_authpriv       { facility(auth, authpriv); };

log { source(src); destination(messages); };
log { source(src); destination(console_all); };

- podla toho co si napisal, si definoval, ze chces sledovat sshd, ale si nenapisal kam to ma ukladat, do akeho logu...

- pozri pripadne aj v /usr/share/doc/syslog-ng... ci sa tamnenachadza nejaky vzorovy subor .conf? ja tam osobne na mojom gentoo mam ulozene nejake vzorove konfiguracie... je to dobre na inspiraciu :)

- posielam ti moj skrateny syslog-ng.conf..iba postupne tam pridavam veci, ktore si chcem sledovat

=============================

options { 
	long_hostnames(off); 
	sync(0); 
	stats(43200); 
};

source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };

destination messages { file("/var/log/messages"); };

# By default messages are logged to tty12...
destination console_all { file("/dev/tty12"); };


# ...if you intend to use /dev/console for programs like xconsole
# you can comment out the destination line above that references /dev/tty12
# and uncomment the line below.
#destination console_all { file("/dev/console"); };

log { source(src); destination(messages); };
log { source(src); destination(console_all); };


# log cron (by gu100, 02/08/2006)

filter f_cron { facility(cron); };
destination cron {file("/var/log/syslog-cron"); };
log {source(src); filter(f_cron); destination(cron); };


# log sshd (by gu100, 02/08/2006)

filter f_sshd { match(sshd); };
destination sshd {file("/var/log/syslog-sshd"); };
log {source(src); filter(f_sshd); destination(sshd); };