Syslog facilities

[qriff]

Seems there is a difference between syslog remote, local and to file. REMOTE declares levels and is forced with facilities, LOCAL seems to disregard it all and just dumps it raw like FILE.

Aug  9 09:22:38 Servername Artillery has blocked (blacklisted) the following IP for SSH brute forcing violations: 195.xxx.xxx.102

Aug  9 09:22:38 Servername Artillery has blocked (blacklisted) the following IP for SSH brute forcing violations: 195.xxx.xxx.102

Aug  9 09:22:38 Servername Artillery has blocked (blacklisted) the following IP for SSH brute forcing violations: 195.xxx.xxx.102

...

vs

Aug  9 09:22:38 Servername artillery/brute[4348] Blocked (blacklisted) the following IP for SSH brute forcing violations: 195.xxx.xxx.102

Aug  9 09:22:38 Servername artillery/brute[4348] Blocked (blacklisted) the following IP for SSH brute forcing violations: 195.xxx.xxx.102

Aug  9 09:22:38 Servername artillery/brute[4348] Blocked (blacklisted) the following IP for SSH brute forcing violations: 195.xxx.xxx.102

...

There is also the repetition of messages...

[russhaun]

from the config file on line 124-125
Specify SYSLOG TYPE to be local, file or remote. LOCAL will pipe to syslog, REMOTE will pipe to remote SYSLOG, and file will send to alerts.log in local artillery directory.

I think this is expected behavior on linux. (someone please correct me if i am wrong) like i said before i am a windows guy by practice so just give me some time. i will look into duplicate issue for you.

[oldkingcone]

Thats how it works @russhaun, at least thats how it has worked for me, results may vary.

[qriff]

Just for random reference, something in the general lines of https://stackoverflow.com/questions/4261253/how-do-i-set-the-ident-string-when-using-logging-sysloghandler-in-python-2-6

[russhaun]

hey @qriff check out the latest release your issue might be resolved