<div dir="ltr"><div>Hi,</div><div><br></div><div>as per this:</div><div><a href="https://www.syslog-ng.com/syslog-ng-faq/">https://www.syslog-ng.com/syslog-ng-faq/</a></div><div></div><div>I ran</div><div>ulimit -c unlimited<br> </div><div>syslog-ng -Fdv <br></div><div>so it should place the core dump in the current locatioin which it doesn't.</div><div> I checked the suggested path to but it is not there so I am currently unable to provide you with the back trace.</div><div><br></div><div>Sincerely <br></div><div>Niklas Deffner<br></div></div><div class="gmail_extra"><br><div class="gmail_quote">2018-07-04 16:44 GMT+02:00 Szemere, László <span dir="ltr"><<a href="mailto:laszlo.szemere@balabit.com" target="_blank">laszlo.szemere@balabit.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello,<div> Thank You for the detailed config, I will try to reproduce the error based on this.</div><div> (In the meantime, could you please extract the back trace from the core file?)</div><div><br></div><div>Br,</div><div>Laci</div><div><br></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Jul 4, 2018 at 4:31 PM, T4iga <span dir="ltr"><<a href="mailto:niklastai97@gmail.com" target="_blank">niklastai97@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>I did not see your email from 2 minutes before mine. The config i used was this:</div><div>I removed the content of the filters because it contains IP adresses I would not like to share.</div><div>I hope that is not to relevant as per the evaluation. <br></div><div>You can see from the above email, that these exact filters do match the message<br> so it should work as far as i can tell.<br></div><br><div>############### Globale Optionen ###############<br>@version:3.16.1<span><br>@include "scl.conf"<br><br>options {<br>        chain_hostnames(off);   # Standard<br>        flush_lines(0);         # Standard<br>        perm(0640);             # Standard<br>        stats_freq(3600);       # Standard<br>        threaded(yes);          # Standard <br>        create-dirs(yes);       # erlaubt Syslog-NG, falls noetig, neue Verzeichnisse anzulegen<br>        dir-owner(root);        # die neuen Verzeichnisse gehoeren root<br>        dir-perm(0640);         # entspricht -rw-r-----, Besitzer: Lesen, Schreiben; Gruppe: Lesen; Alle: Nichts<br>        file-template(t_myLoggingForma<wbr>t); # legt Standart-Template fuer file Destinations fest<br></span><span>};<br><br>############### Sources - Quellen ###############<br># Fuer interne Nachrichten<br>source s_myInternalSource {<br>        system();       # von Betriebssystem und aehnlichem<br>        internal();     # Syslog-interne Nachrichten<br>};<br><br># Fuer Netzwerk-Nachrichten<br>source s_myNetworkSource {<br></span>        syslog(<br>                ip(0.0.0.0)      # <br>                port(601)        # Standardport für legacy RFC 3164 UDP syslog <br>                transport("udp") #<br>        );<br><br>        syslog(<br>                ip(0.0.0.0)      #<br>                port(514)        # Non-Standardport<br>                transport("udp") #<br>        );<br><br>        syslog(<br>                ip(0.0.0.0)      # Bedeutet NICHT, das von allen angenommen wird, siehe filter<br>                port(601)        # Standardport für RFC 5424 TCP Syslog ist 601<br>                transport("tcp") # TCP, damit Nachrichten garantiert am Ziel ankommen<br>        );<br>        syslog(<br>                ip(0.0.0.0)      #<br>                port(514)        # Non-Standard Port<br>                transport("tcp") #<br>        );<br>        ### UDP ### fuer Checkpoint<br>        #syslog(<br>        #       ip(0.0.0.0)<br>        #       port(601)<br>        #       transport("udp")<br>        #);<br>        #syslog(<br>        #       ip(0.0.0.0)<br>        #       port(514)<br>        #       transport("udp")<br>        #);<span><br><br>};<br><br>############### Templates - Vorlagen ###############<br># Aufbau des Nachrichteninhalts fuer Dateiziele<br>template t_myLoggingFormat {<br>        template("$(padding ${FULLHOST} 15 '')|${ISODATE}|PRI:$(padding ${PRI} 3 '')|${MSGHDR} ${MSG}\n");<br>};</span></div><div><span># Legacy-Nachrichten werden anders geparst<br># Mit Standardtempalte wir die Originalnachricht vollständig in MSG eingefügt<br><br># Fuer Nachrichtenpfad<br># Dateiname ist Tag(Nummer innerhalb des Monats)-Kuerzel(Mon, Tue, Wen, Thu, Fri, Sat, Sun)<br></span># zum Beispiel "<a href="http://127.0.0.1/2018/Jan/17-Sat" target="_blank">127.0.0.1/2018/Jan/17-Sat</a>"<span><br>template t_destination {<br>        template("${FULLHOST}/${YEAR}/<wbr>${YEAR}-${MONTH_ABBREV}-${DAY}<wbr>.log");<br>};<br><br>############### Filter ###############<br># Ein Filter je Quelle<br># Filter kann man so machen: <br># filter <filter-id><br># {"<macro-or-template>" operator "<value-or-macro-or-template>"<wbr>};<br># oder mit Functions<br>filter f_noDebug {<br>        level(emerg..info);           <wbr>  # Schließt Debug-Nachrichten aus <br>};<br><br>filter f_networkfilter {<br>};<br><br></span>filter f_checkpoints {<br>};<br><br><br>############### Rewrite Rules ######################<br>rewrite r_checkpoint_remove_irrelevant {<br>        subst(<br>                '\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} - ',<br>                '',<br>                type("pcre"),<br>                value("MESSAGE") flags("utf8" "store-matches")<span><br>        );<br><br>};<br><br>############### Ziele - Destinations ###############<br># Ein Ziel fuer jede IP-Adresse, Jahr, Monat, Tag, etc<br>destination d_myDestination{<br>        file("/var/log/syslog-ng/$FULL<wbr>HOST/$YEAR/$YEAR-$MONTH-$DAY.<wbr>log"<br>                create_dirs(yes)<br>        );<br>};<br><br>destination d_testination{<br>        file("/var/log/syslog-ng/test/<wbr>$FULLHOST/$YEAR/$YEAR-$MONTH-$<wbr>DAY.log"<br>                create_dirs(yes)<br>        );<br>};<br><br></span><span>############### Log-Pfade ###############<br># <br>log {<br>        source(s_myNetworkSource);    <wbr>          # Fuer TCP und UDP Nachrichten von allen Clients<br>        source(s_myInternalSource);   <wbr>          # interne Nachrichten<br></span>        filter(f_networkfilter);      <wbr>          # Nur 10.27.221er, 222er, 231er und 27er Netz<span><br>        filter(f_noDebug);            <wbr>          # alle außer debug<br>        destination(d_myDestination); <wbr>          # universal Ziel; siehe Template<br>};<br>#<br></span>log {   # for testing purposes<br>        source(s_myNetworkSource);<br>        filter(f_checkpoints);        <wbr>  # Nur Checkpoint-Non-Standard<br>        filter(f_noDebug);<br>#       rewrite(r_checkpoint_remove_ir<wbr>relevant);<br>        destination(d_myDestination);<br>};<br><br><br>#<br>#log {  # for testing purposes<br>#       source(s_myNetworkSource);<br>#       source { syslog( ip( 0.0.0.0) transport("udp") flags(syslog-protocol); };       <br>#       destination(d_testination);<br>#};<br><br>############################## ENDE ##############################                               <wbr>                <br></div></div><div class="m_6620463346098072690HOEnZb"><div class="m_6620463346098072690h5"><div class="gmail_extra"><br><div class="gmail_quote">2018-07-04 16:21 GMT+02:00 T4iga <span dir="ltr"><<a href="mailto:niklastai97@gmail.com" target="_blank">niklastai97@gmail.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>Hi,</div><div><br></div><div>I uninstalled and reinstalled 3.16.1 as soon as it was available. The issue of no logging currently persists.<br><br></div><div>running <br></div><div> syslog-ng -Fdv</div><div>always ends in <br></div><div>[2018-07-04T16:15:27.124682] <<<<<< filter rule evaluation result; result='MATCH - Forwarding message to the next LogPipe', rule='f_noDebug', location='/etc/syslog-ng/syslo<wbr>g-ng.conf:85:19', msg='0x7ff5a40168c0'<br>[2018-07-04T16:15:27.124696] <<<<<< filter rule evaluation result; result='MATCH - Forwarding message to the next LogPipe', rule='f_checkpoints', location='/etc/syslog-ng/syslo<wbr>g-ng.conf:98:23', msg='0x7ff5a40168c0'<br>[2018-07-04T16:15:27.124709] <<<<<< Source side message processing finish; instance='0.0.0.0', location='/etc/syslog-ng/syslo<wbr>g-ng.conf:33:2', msg='0x7ff5a40168c0'<br>Floating point exception (core dumped)</div><div><br></div><div>and there are not messages writen the (local) file destination.</div><div>Could this be another issue with the build or is that my config? <br></div><div>The odd thing is i already reverted to an older config which was previously verified functional</div><div><br></div><div>Sincerely</div><div>Niklas Deffner<br></div></div><div class="m_6620463346098072690m_-7736893373379401804HOEnZb"><div class="m_6620463346098072690m_-7736893373379401804h5"><div class="gmail_extra"><br><div class="gmail_quote">2018-07-04 15:37 GMT+02:00 Niklas Deffner <span dir="ltr"><<a href="mailto:niklastai97@gmail.com" target="_blank">niklastai97@gmail.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><br>
Hi,<br>
<br>
Thank you for the explanation. <br>
<br>
Is that also the reason why logging (in my case)does not work at all in this current state, no matter the config used, even 'crashless'?<br>
<br>
Sincerely <br>
Niklas Deffner<div><div class="m_6620463346098072690m_-7736893373379401804m_487904418277037847h5"><br><br><div class="gmail_quote">Am 4. Juli 2018 15:29:10 MESZ schrieb "Szemere, László" <<a href="mailto:laszlo.szemere@balabit.com" target="_blank">laszlo.szemere@balabit.com</a>>:<blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">Hello T4iga,<div> Your error message helped a lot, Thank You. It successfully leaded us here: <span style="color:rgb(36,41,46);font-family:SFMono-Regular,Consolas,"Liberation Mono",Menlo,Courier,monospace;font-size:12px"><a href="https://github.com/balabit/syslog-ng/blob/41f7c202cb25433feb0fa9496960599a53b58522/modules/java/native/java-class-loader.c#L51" target="_blank">https://github.com/balab<wbr>it/syslog-ng/blob/41f7c202cb25<wbr>433feb0fa9496960599a53b58522/m<wbr>odules/java/native/java-class-<wbr>loader.c#L51</a></span></div><div> From this @Czanik and me figured out it was a configuration/packaging error. Peter immediately created a new build, which worked well on his local machine.</div><div> The opensuse building is still running: <a href="https://build.opensuse.org/package/show/home:czanik:syslog-ng316/syslog-ng" target="_blank">https://build.opensus<wbr>e.org/package/show/home:czanik<wbr>:syslog-ng316/syslog-ng</a> , please update your packages with the finished output.</div><div><br></div><div>Best regards,</div><div>Laci</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Jul 4, 2018 at 10:51 AM, T4iga <span dir="ltr"><<a href="mailto:niklastai97@gmail.com" target="_blank">niklastai97@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div class="m_6620463346098072690m_-7736893373379401804m_487904418277037847m_4397583427993632792h5"><div class="gmail_extra"><div class="gmail_quote">2018-07-04 10:23 GMT+02:00 Fabien Wernli <span dir="ltr"><<a href="mailto:wernli@in2p3.fr" target="_blank">wernli@in2p3.fr</a>></span>:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">In order to put aside any systemd complexities,<br>
let's try to run syslog-ng in the foreground:<br>
<br>
    export LD_LIBRARY_PATH=/usr/lib64/jvm<wbr>/java-1.8.0-openjdk-1.8.0/jre/<wbr>lib/amd64/server<br>
    syslog-ng -Fdv<br>
<br>
What happens then?<br>
<div class="m_6620463346098072690m_-7736893373379401804m_487904418277037847m_4397583427993632792m_-3694051414785580784m_5291727609630860367gmail-HOEnZb"><div class="m_6620463346098072690m_-7736893373379401804m_487904418277037847m_4397583427993632792m_-3694051414785580784m_5291727609630860367gmail-h5">    <br>
______________________________<wbr>______________________________<wbr>__________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailm<wbr>an/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/support<wbr>/documentation/?product=syslog<wbr>-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/sy<wbr>slog-ng-faq</a><br>
<br>
</div></div></blockquote></div></div><div class="gmail_extra"><br></div></div></div><div class="gmail_extra">I got an error that lead me to correct another semantic error I made. <br></div><div class="gmail_extra">After correcting that it still crashes:</div><div class="gmail_extra">I suppose the initialization stuff is irrelevant as there are not errors apart from the end:</div><div class="gmail_extra"><br></div><div class="gmail_extra">[2018-07-04T10:37:37.193736] Java machine new;<br>[2018-07-04T10:37:37.242506] Can't find class; class_name='org/syslog_ng/Sysl<wbr>ogNgClassLoader'<br>**<br>ERROR:modules/java/native/java<wbr>_machine.c:206:java_machine_ge<wbr>t_class_loader: assertion failed: (self->loader)<br>Aborted (core dumped)</div><div class="gmail_extra"><br></div><div class="gmail_extra">Just in case the full thing is needed:<br></div><div class="gmail_extra"><br></div><div class="gmail_extra">#     syslog-ng -Fdv<br>[2018-07-04T10:37:37.182933] Systemd is detected as the running init system;<br>[2018-07-04T10:37:37.184634] Module loaded and initialized successfully; module='mod-java'<br>[2018-07-04T10:37:37.184664] Starting to read include file; filename='/etc/syslog-ng/scl.c<wbr>onf', depth='1'<br>[2018-07-04T10:37:37.184921] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/apache/apache.con<wbr>f', depth='2'<br>[2018-07-04T10:37:37.184927] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/cim/adapter.conf'<wbr>, depth='2'<br>[2018-07-04T10:37:37.184930] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/cim/template.conf<wbr>', depth='2'<br>[2018-07-04T10:37:37.184932] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/cisco/plugin.conf<wbr>', depth='2'<br>[2018-07-04T10:37:37.184934] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/default-network-d<wbr>rivers/plugin.conf', depth='2'<br>[2018-07-04T10:37:37.184937] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/elasticsearch/plu<wbr>gin.conf', depth='2'<br>[2018-07-04T10:37:37.184940] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/ewmm/ewmm.conf', depth='2'<br>[2018-07-04T10:37:37.184942] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/graphite/plugin.c<wbr>onf', depth='2'<br>[2018-07-04T10:37:37.184945] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/graylog2/plugin.c<wbr>onf', depth='2'<br>[2018-07-04T10:37:37.184947] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/hdfs/plugin.conf'<wbr>, depth='2'<br>[2018-07-04T10:37:37.184951] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/iptables/iptables<wbr>.conf', depth='2'<br>[2018-07-04T10:37:37.184955] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/kafka/plugin.conf<wbr>', depth='2'<br>[2018-07-04T10:37:37.184959] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/loadbalancer/plug<wbr>in.conf', depth='2'<br>[2018-07-04T10:37:37.184962] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/loggly/loggly.con<wbr>f', depth='2'<br>[2018-07-04T10:37:37.184966] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/logmatic/logmatic<wbr>.conf', depth='2'<br>[2018-07-04T10:37:37.184969] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/mbox/mbox.conf', depth='2'<br>[2018-07-04T10:37:37.184972] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/nodejs/plugin.con<wbr>f', depth='2'<br>[2018-07-04T10:37:37.184975] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/osquery/<a href="http://plugin.co" target="_blank">plugin.co</a><wbr>nf', depth='2'<br>[2018-07-04T10:37:37.184978] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/pacct/plugin.conf<wbr>', depth='2'<br>[2018-07-04T10:37:37.184981] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/rewrite/cc-mask.c<wbr>onf', depth='2'<br>[2018-07-04T10:37:37.184984] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/snmptrap/snmptrap<wbr>d-source.conf', depth='2'<br>[2018-07-04T10:37:37.184988] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/solaris/<a href="http://plugin.co" target="_blank">plugin.co</a><wbr>nf', depth='2'<br>[2018-07-04T10:37:37.184991] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/sudo/sudo.conf', depth='2'<br>[2018-07-04T10:37:37.184994] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/syslogconf/plugin<wbr>.conf', depth='2'<br>[2018-07-04T10:37:37.184998] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/system/plugin.con<wbr>f', depth='2'<br>[2018-07-04T10:37:37.185001] Adding include file; filename='/usr/share/syslog-ng<wbr>/include/scl/windowseventlog/p<wbr>lugin.conf', depth='2'<br>[2018-07-04T10:37:37.185007] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/apache/apache.con<wbr>f', depth='2'<br>[2018-07-04T10:37:37.185044] Reading path for candidate modules; path='/usr/lib64/syslog-ng'<br>[2018-07-04T10:37:37.185080] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libjvm.so', module='jvm'<br>[2018-07-04T10:37:37.185117] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libadd-contextual-data.<wbr>so', module='add-contextual-data'<br>[2018-07-04T10:37:37.185182] Registering candidate plugin; module='add-contextual-data', context='parser', name='add_contextual_data'<br>[2018-07-04T10:37:37.185201] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libaffile.so', module='affile'<br>[2018-07-04T10:37:37.185271] Registering candidate plugin; module='affile', context='source', name='file'<br>[2018-07-04T10:37:37.185277] Registering candidate plugin; module='affile', context='source', name='pipe'<br>[2018-07-04T10:37:37.185280] Registering candidate plugin; module='affile', context='source', name='wildcard_file'<br>[2018-07-04T10:37:37.185283] Registering candidate plugin; module='affile', context='source', name='stdin'<br>[2018-07-04T10:37:37.185286] Registering candidate plugin; module='affile', context='destination', name='file'<br>[2018-07-04T10:37:37.185289] Registering candidate plugin; module='affile', context='destination', name='pipe'<br>[2018-07-04T10:37:37.185303] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libafmongodb.so', module='afmongodb'<br>[2018-07-04T10:37:37.185613] Registering candidate plugin; module='afmongodb', context='destination', name='mongodb'<br>[2018-07-04T10:37:37.185640] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libafprog.so', module='afprog'<br>[2018-07-04T10:37:37.185702] Registering candidate plugin; module='afprog', context='source', name='program'<br>[2018-07-04T10:37:37.185707] Registering candidate plugin; module='afprog', context='destination', name='program'<br>[2018-07-04T10:37:37.185720] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libafsocket.so', module='afsocket'<br>[2018-07-04T10:37:37.185867] Registering candidate plugin; module='afsocket', context='source', name='unix-stream'<br>[2018-07-04T10:37:37.185872] Registering candidate plugin; module='afsocket', context='destination', name='unix-stream'<br>[2018-07-04T10:37:37.185876] Registering candidate plugin; module='afsocket', context='source', name='unix-dgram'<br>[2018-07-04T10:37:37.185879] Registering candidate plugin; module='afsocket', context='destination', name='unix-dgram'<br>[2018-07-04T10:37:37.185883] Registering candidate plugin; module='afsocket', context='source', name='tcp'<br>[2018-07-04T10:37:37.185886] Registering candidate plugin; module='afsocket', context='destination', name='tcp'<br>[2018-07-04T10:37:37.185889] Registering candidate plugin; module='afsocket', context='source', name='tcp6'<br>[2018-07-04T10:37:37.185892] Registering candidate plugin; module='afsocket', context='destination', name='tcp6'<br>[2018-07-04T10:37:37.185896] Registering candidate plugin; module='afsocket', context='source', name='udp'<br>[2018-07-04T10:37:37.185899] Registering candidate plugin; module='afsocket', context='destination', name='udp'<br>[2018-07-04T10:37:37.185902] Registering candidate plugin; module='afsocket', context='source', name='udp6'<br>[2018-07-04T10:37:37.185906] Registering candidate plugin; module='afsocket', context='destination', name='udp6'<br>[2018-07-04T10:37:37.185909] Registering candidate plugin; module='afsocket', context='source', name='syslog'<br>[2018-07-04T10:37:37.185912] Registering candidate plugin; module='afsocket', context='destination', name='syslog'<br>[2018-07-04T10:37:37.185915] Registering candidate plugin; module='afsocket', context='source', name='network'<br>[2018-07-04T10:37:37.185921] Registering candidate plugin; module='afsocket', context='destination', name='network'<br>[2018-07-04T10:37:37.185924] Registering candidate plugin; module='afsocket', context='source', name='systemd-syslog'<br>[2018-07-04T10:37:37.185951] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libafstomp.so', module='afstomp'<br>[2018-07-04T10:37:37.186009] Registering candidate plugin; module='afstomp', context='destination', name='stomp'<br>[2018-07-04T10:37:37.186024] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libafuser.so', module='afuser'<br>[2018-07-04T10:37:37.186077] Registering candidate plugin; module='afuser', context='destination', name='usertty'<br>[2018-07-04T10:37:37.186090] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libappmodel.so', module='appmodel'<br>[2018-07-04T10:37:37.186142] Registering candidate plugin; module='appmodel', context='root', name='application'<br>[2018-07-04T10:37:37.186147] Registering candidate plugin; module='appmodel', context='parser', name='app-parser'<br>[2018-07-04T10:37:37.186159] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libbasicfuncs.so', module='basicfuncs'<br>[2018-07-04T10:37:37.186227] Registering candidate plugin; module='basicfuncs', context='template-func', name='grep'<br>[2018-07-04T10:37:37.186232] Registering candidate plugin; module='basicfuncs', context='template-func', name='if'<br>[2018-07-04T10:37:37.186235] Registering candidate plugin; module='basicfuncs', context='template-func', name='or'<br>[2018-07-04T10:37:37.186239] Registering candidate plugin; module='basicfuncs', context='template-func', name='context-lookup'<br>[2018-07-04T10:37:37.186242] Registering candidate plugin; module='basicfuncs', context='template-func', name='context-length'<br>[2018-07-04T10:37:37.186246] Registering candidate plugin; module='basicfuncs', context='template-func', name='context-values'<br>[2018-07-04T10:37:37.186249] Registering candidate plugin; module='basicfuncs', context='template-func', name='echo'<br>[2018-07-04T10:37:37.186252] Registering candidate plugin; module='basicfuncs', context='template-func', name='length'<br>[2018-07-04T10:37:37.186256] Registering candidate plugin; module='basicfuncs', context='template-func', name='substr'<br>[2018-07-04T10:37:37.186259] Registering candidate plugin; module='basicfuncs', context='template-func', name='strip'<br>[2018-07-04T10:37:37.186262] Registering candidate plugin; module='basicfuncs', context='template-func', name='sanitize'<br>[2018-07-04T10:37:37.186265] Registering candidate plugin; module='basicfuncs', context='template-func', name='lowercase'<br>[2018-07-04T10:37:37.186269] Registering candidate plugin; module='basicfuncs', context='template-func', name='uppercase'<br>[2018-07-04T10:37:37.186272] Registering candidate plugin; module='basicfuncs', context='template-func', name='replace-delimiter'<br>[2018-07-04T10:37:37.186276] Registering candidate plugin; module='basicfuncs', context='template-func', name='padding'<br>[2018-07-04T10:37:37.186279] Registering candidate plugin; module='basicfuncs', context='template-func', name='binary'<br>[2018-07-04T10:37:37.186282] Registering candidate plugin; module='basicfuncs', context='template-func', name='dirname'<br>[2018-07-04T10:37:37.186285] Registering candidate plugin; module='basicfuncs', context='template-func', name='basename'<br>[2018-07-04T10:37:37.186289] Registering candidate plugin; module='basicfuncs', context='template-func', name='list-concat'<br>[2018-07-04T10:37:37.186292] Registering candidate plugin; module='basicfuncs', context='template-func', name='list-head'<br>[2018-07-04T10:37:37.186295] Registering candidate plugin; module='basicfuncs', context='template-func', name='list-nth'<br>[2018-07-04T10:37:37.186299] Registering candidate plugin; module='basicfuncs', context='template-func', name='list-tail'<br>[2018-07-04T10:37:37.186302] Registering candidate plugin; module='basicfuncs', context='template-func', name='list-slice'<br>[2018-07-04T10:37:37.186306] Registering candidate plugin; module='basicfuncs', context='template-func', name='list-count'<br>[2018-07-04T10:37:37.186309] Registering candidate plugin; module='basicfuncs', context='template-func', name='list-append'<br>[2018-07-04T10:37:37.186312] Registering candidate plugin; module='basicfuncs', context='template-func', name='+'<br>[2018-07-04T10:37:37.186315] Registering candidate plugin; module='basicfuncs', context='template-func', name='-'<br>[2018-07-04T10:37:37.186319] Registering candidate plugin; module='basicfuncs', context='template-func', name='*'<br>[2018-07-04T10:37:37.186322] Registering candidate plugin; module='basicfuncs', context='template-func', name='/'<br>[2018-07-04T10:37:37.186325] Registering candidate plugin; module='basicfuncs', context='template-func', name='%'<br>[2018-07-04T10:37:37.186328] Registering candidate plugin; module='basicfuncs', context='template-func', name='sum'<br>[2018-07-04T10:37:37.186332] Registering candidate plugin; module='basicfuncs', context='template-func', name='min'<br>[2018-07-04T10:37:37.186335] Registering candidate plugin; module='basicfuncs', context='template-func', name='max'<br>[2018-07-04T10:37:37.186338] Registering candidate plugin; module='basicfuncs', context='template-func', name='average'<br>[2018-07-04T10:37:37.186341] Registering candidate plugin; module='basicfuncs', context='template-func', name='ipv4-to-int'<br>[2018-07-04T10:37:37.186345] Registering candidate plugin; module='basicfuncs', context='template-func', name='indent-multi-line'<br>[2018-07-04T10:37:37.186348] Registering candidate plugin; module='basicfuncs', context='template-func', name='env'<br>[2018-07-04T10:37:37.186351] Registering candidate plugin; module='basicfuncs', context='template-func', name='template'<br>[2018-07-04T10:37:37.186355] Registering candidate plugin; module='basicfuncs', context='template-func', name='urlencode'<br>[2018-07-04T10:37:37.186367] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libcef.so', module='cef'<br>[2018-07-04T10:37:37.186418] Registering candidate plugin; module='cef', context='template-func', name='format-cef-extension'<br>[2018-07-04T10:37:37.186430] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libconfgen.so', module='confgen'<br>[2018-07-04T10:37:37.186486] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libcryptofuncs.so', module='cryptofuncs'<br>[2018-07-04T10:37:37.186538] Registering candidate plugin; module='cryptofuncs', context='template-func', name='uuid'<br>[2018-07-04T10:37:37.186543] Registering candidate plugin; module='cryptofuncs', context='template-func', name='hash'<br>[2018-07-04T10:37:37.186547] Registering candidate plugin; module='cryptofuncs', context='template-func', name='sha1'<br>[2018-07-04T10:37:37.186550] Registering candidate plugin; module='cryptofuncs', context='template-func', name='sha256'<br>[2018-07-04T10:37:37.186554] Registering candidate plugin; module='cryptofuncs', context='template-func', name='sha512'<br>[2018-07-04T10:37:37.186561] Registering candidate plugin; module='cryptofuncs', context='template-func', name='md4'<br>[2018-07-04T10:37:37.186565] Registering candidate plugin; module='cryptofuncs', context='template-func', name='md5'<br>[2018-07-04T10:37:37.186576] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libcsvparser.so', module='csvparser'<br>[2018-07-04T10:37:37.186628] Registering candidate plugin; module='csvparser', context='parser', name='csv-parser'<br>[2018-07-04T10:37:37.186641] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libdate.so', module='date'<br>[2018-07-04T10:37:37.186693] Registering candidate plugin; module='date', context='parser', name='date-parser'<br>[2018-07-04T10:37:37.186705] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libdbparser.so', module='dbparser'<br>[2018-07-04T10:37:37.186777] Registering candidate plugin; module='dbparser', context='parser', name='db-parser'<br>[2018-07-04T10:37:37.186782] Registering candidate plugin; module='dbparser', context='parser', name='grouping-by'<br>[2018-07-04T10:37:37.186795] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libdisk-buffer.so', module='disk-buffer'<br>[2018-07-04T10:37:37.186849] Registering candidate plugin; module='disk-buffer', context='inner-dest', name='disk_buffer'<br>[2018-07-04T10:37:37.186863] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libgraphite.so', module='graphite'<br>[2018-07-04T10:37:37.186911] Registering candidate plugin; module='graphite', context='template-func', name='graphite_output'<br>[2018-07-04T10:37:37.186924] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libhook-commands.so', module='hook-commands'<br>[2018-07-04T10:37:37.186974] Registering candidate plugin; module='hook-commands', context='inner-dest', name='hook-commands'<br>[2018-07-04T10:37:37.186979] Registering candidate plugin; module='hook-commands', context='inner-src', name='hook-commands'<br>[2018-07-04T10:37:37.186990] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libjson-plugin.so', module='json-plugin'<br>[2018-07-04T10:37:37.187083] Registering candidate plugin; module='json-plugin', context='parser', name='json-parser'<br>[2018-07-04T10:37:37.187088] Registering candidate plugin; module='json-plugin', context='template-func', name='format_json'<br>[2018-07-04T10:37:37.187105] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libkvformat.so', module='kvformat'<br>[2018-07-04T10:37:37.187159] Registering candidate plugin; module='kvformat', context='parser', name='kv-parser'<br>[2018-07-04T10:37:37.187164] Registering candidate plugin; module='kvformat', context='parser', name='linux-audit-parser'<br>[2018-07-04T10:37:37.187168] Registering candidate plugin; module='kvformat', context='template-func', name='format-welf'<br>[2018-07-04T10:37:37.187179] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='liblinux-kmsg-format.so<wbr>', module='linux-kmsg-format'<br>[2018-07-04T10:37:37.187229] Registering candidate plugin; module='linux-kmsg-format', context='format', name='linux-kmsg'<br>[2018-07-04T10:37:37.187242] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libmap-value-pairs.so', module='map-value-pairs'<br>[2018-07-04T10:37:37.187293] Registering candidate plugin; module='map-value-pairs', context='parser', name='map_value_pairs'<br>[2018-07-04T10:37:37.187306] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libpseudofile.so', module='pseudofile'<br>[2018-07-04T10:37:37.187358] Registering candidate plugin; module='pseudofile', context='destination', name='pseudofile'<br>[2018-07-04T10:37:37.187371] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libsdjournal.so', module='sdjournal'<br>[2018-07-04T10:37:37.187425] Registering candidate plugin; module='sdjournal', context='source', name='systemd-journal'<br>[2018-07-04T10:37:37.187438] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libsnmptrapd-parser.so'<wbr>, module='snmptrapd-parser'<br>[2018-07-04T10:37:37.187489] Registering candidate plugin; module='snmptrapd-parser', context='parser', name='snmptrapd-parser'<br>[2018-07-04T10:37:37.187502] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libstardate.so', module='stardate'<br>[2018-07-04T10:37:37.187553] Registering candidate plugin; module='stardate', context='template-func', name='stardate'<br>[2018-07-04T10:37:37.187566] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libsyslogformat.so', module='syslogformat'<br>[2018-07-04T10:37:37.187618] Registering candidate plugin; module='syslogformat', context='format', name='syslog'<br>[2018-07-04T10:37:37.187624] Registering candidate plugin; module='syslogformat', context='parser', name='syslog-parser'<br>[2018-07-04T10:37:37.187635] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libsystem-source.so', module='system-source'<br>[2018-07-04T10:37:37.187684] Registering candidate plugin; module='system-source', context='source', name='system'<br>[2018-07-04T10:37:37.187697] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libtags-parser.so', module='tags-parser'<br>[2018-07-04T10:37:37.187747] Registering candidate plugin; module='tags-parser', context='parser', name='tags-parser'<br>[2018-07-04T10:37:37.187760] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libtfgetent.so', module='tfgetent'<br>[2018-07-04T10:37:37.187809] Registering candidate plugin; module='tfgetent', context='template-func', name='getent'<br>[2018-07-04T10:37:37.187821] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libxml.so', module='xml'<br>[2018-07-04T10:37:37.187873] Registering candidate plugin; module='xml', context='parser', name='xml'<br>[2018-07-04T10:37:37.187886] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libmod-java.so', module='mod-java'<br>[2018-07-04T10:37:37.187891] Registering candidate plugin; module='mod-java', context='options', name='jvm_options'<br>[2018-07-04T10:37:37.187896] Registering candidate plugin; module='mod-java', context='destination', name='java'<br>[2018-07-04T10:37:37.187948] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/apache/apache.con<wbr>f', depth='2'<br>[2018-07-04T10:37:37.187961] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/cim/adapter.conf'<wbr>, depth='2'<br>[2018-07-04T10:37:37.188052] Module loaded and initialized successfully; module='appmodel'<br>[2018-07-04T10:37:37.188086] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/cim/adapter.conf'<wbr>, depth='2'<br>[2018-07-04T10:37:37.188098] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/cim/template.conf<wbr>', depth='2'<br>[2018-07-04T10:37:37.188223] Module loaded and initialized successfully; module='json-plugin'<br>[2018-07-04T10:37:37.188348] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/cim/template.conf<wbr>', depth='2'<br>[2018-07-04T10:37:37.188362] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/cisco/plugin.conf<wbr>', depth='2'<br>[2018-07-04T10:37:37.188486] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/cisco/plugin.conf<wbr>', depth='2'<br>[2018-07-04T10:37:37.188497] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/default-network-d<wbr>rivers/plugin.conf', depth='2'<br>[2018-07-04T10:37:37.188579] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/default-network-d<wbr>rivers/plugin.conf', depth='2'<br>[2018-07-04T10:37:37.188590] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/elasticsearch/plu<wbr>gin.conf', depth='2'<br>[2018-07-04T10:37:37.188623] Attempted to register the same plugin multiple times, dropping the old one; context='parser', name='json-parser'<br>[2018-07-04T10:37:37.188629] Attempted to register the same plugin multiple times, dropping the old one; context='template-func', name='format_json'<br>[2018-07-04T10:37:37.188632] Module loaded and initialized successfully; module='json-plugin'<br>[2018-07-04T10:37:37.188760] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/elasticsearch/plu<wbr>gin.conf', depth='2'<br>[2018-07-04T10:37:37.188770] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/ewmm/ewmm.conf', depth='2'<br>[2018-07-04T10:37:37.188822] Attempted to register the same plugin multiple times, dropping the old one; context='parser', name='json-parser'<br>[2018-07-04T10:37:37.188827] Attempted to register the same plugin multiple times, dropping the old one; context='template-func', name='format_json'<br>[2018-07-04T10:37:37.188830] Module loaded and initialized successfully; module='json-plugin'<br>[2018-07-04T10:37:37.189032] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/ewmm/ewmm.conf', depth='2'<br>[2018-07-04T10:37:37.189043] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/graphite/plugin.c<wbr>onf', depth='2'<br>[2018-07-04T10:37:37.189093] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/graphite/plugin.c<wbr>onf', depth='2'<br>[2018-07-04T10:37:37.189103] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/graylog2/plugin.c<wbr>onf', depth='2'<br>[2018-07-04T10:37:37.189137] Attempted to register the same plugin multiple times, dropping the old one; context='parser', name='json-parser'<br>[2018-07-04T10:37:37.189142] Attempted to register the same plugin multiple times, dropping the old one; context='template-func', name='format_json'<br>[2018-07-04T10:37:37.189145] Module loaded and initialized successfully; module='json-plugin'<br>[2018-07-04T10:37:37.189284] Module loaded and initialized successfully; module='basicfuncs'<br>[2018-07-04T10:37:37.189316] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/graylog2/plugin.c<wbr>onf', depth='2'<br>[2018-07-04T10:37:37.189328] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/hdfs/plugin.conf'<wbr>, depth='2'<br>[2018-07-04T10:37:37.189403] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/hdfs/plugin.conf'<wbr>, depth='2'<br>[2018-07-04T10:37:37.189413] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/iptables/iptables<wbr>.conf', depth='2'<br>[2018-07-04T10:37:37.189478] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/iptables/iptables<wbr>.conf', depth='2'<br>[2018-07-04T10:37:37.189488] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/kafka/plugin.conf<wbr>', depth='2'<br>[2018-07-04T10:37:37.189548] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/kafka/plugin.conf<wbr>', depth='2'<br>[2018-07-04T10:37:37.189558] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/loadbalancer/plug<wbr>in.conf', depth='2'<br>[2018-07-04T10:37:37.189681] Module loaded and initialized successfully; module='confgen'<br>[2018-07-04T10:37:37.189703] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/loadbalancer/plug<wbr>in.conf', depth='2'<br>[2018-07-04T10:37:37.189715] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/loggly/loggly.con<wbr>f', depth='2'<br>[2018-07-04T10:37:37.189776] Attempted to register the same plugin multiple times, dropping the old one; context='parser', name='json-parser'<br>[2018-07-04T10:37:37.189781] Attempted to register the same plugin multiple times, dropping the old one; context='template-func', name='format_json'<br>[2018-07-04T10:37:37.189785] Module loaded and initialized successfully; module='json-plugin'<br>[2018-07-04T10:37:37.189815] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/loggly/loggly.con<wbr>f', depth='2'<br>[2018-07-04T10:37:37.189825] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/logmatic/logmatic<wbr>.conf', depth='2'<br>[2018-07-04T10:37:37.189893] Attempted to register the same plugin multiple times, dropping the old one; context='parser', name='json-parser'<br>[2018-07-04T10:37:37.189897] Attempted to register the same plugin multiple times, dropping the old one; context='template-func', name='format_json'<br>[2018-07-04T10:37:37.189900] Module loaded and initialized successfully; module='json-plugin'<br>[2018-07-04T10:37:37.189926] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/logmatic/logmatic<wbr>.conf', depth='2'<br>[2018-07-04T10:37:37.189936] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/mbox/mbox.conf', depth='2'<br>[2018-07-04T10:37:37.189980] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/mbox/mbox.conf', depth='2'<br>[2018-07-04T10:37:37.189990] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/nodejs/plugin.con<wbr>f', depth='2'<br>[2018-07-04T10:37:37.190038] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/nodejs/plugin.con<wbr>f', depth='2'<br>[2018-07-04T10:37:37.190048] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/osquery/<a href="http://plugin.co" target="_blank">plugin.co</a><wbr>nf', depth='2'<br>[2018-07-04T10:37:37.190136] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/osquery/<a href="http://plugin.co" target="_blank">plugin.co</a><wbr>nf', depth='2'<br>[2018-07-04T10:37:37.190146] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/pacct/plugin.conf<wbr>', depth='2'<br>[2018-07-04T10:37:37.190189] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/pacct/plugin.conf<wbr>', depth='2'<br>[2018-07-04T10:37:37.190198] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/rewrite/cc-mask.c<wbr>onf', depth='2'<br>[2018-07-04T10:37:37.190246] Global value changed; define='balabit.credit-card-re<wbr>gexp', value='(:4[0-9]{12}(?:[0-9]{3}<wbr>)?|5[1-5][0-9]{14}|6(?:011|5[0<wbr>-9][0-9])[0-9]{12}|3[47][0-9]{<wbr>13}|3(?:0[0-5]|[68][0-9])[0-9]<wbr>{11}|(?:2131|1800|35d{3})d{11}<wbr>)'<br>[2018-07-04T10:37:37.190280] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/rewrite/cc-mask.c<wbr>onf', depth='2'<br>[2018-07-04T10:37:37.190289] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/snmptrap/snmptrap<wbr>d-source.conf', depth='2'<br>[2018-07-04T10:37:37.190340] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/snmptrap/snmptrap<wbr>d-source.conf', depth='2'<br>[2018-07-04T10:37:37.190350] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/solaris/<a href="http://plugin.co" target="_blank">plugin.co</a><wbr>nf', depth='2'<br>[2018-07-04T10:37:37.190400] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/solaris/<a href="http://plugin.co" target="_blank">plugin.co</a><wbr>nf', depth='2'<br>[2018-07-04T10:37:37.190410] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/sudo/sudo.conf', depth='2'<br>[2018-07-04T10:37:37.190472] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/sudo/sudo.conf', depth='2'<br>[2018-07-04T10:37:37.190482] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/syslogconf/plugin<wbr>.conf', depth='2'<br>[2018-07-04T10:37:37.190539] Module loaded and initialized successfully; module='confgen'<br>[2018-07-04T10:37:37.190545] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/syslogconf/plugin<wbr>.conf', depth='2'<br>[2018-07-04T10:37:37.190554] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/system/plugin.con<wbr>f', depth='2'<br>[2018-07-04T10:37:37.190593] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/system/plugin.con<wbr>f', depth='2'<br>[2018-07-04T10:37:37.190601] Starting to read include file; filename='/usr/share/syslog-ng<wbr>/include/scl/windowseventlog/p<wbr>lugin.conf', depth='2'<br>[2018-07-04T10:37:37.190643] Finishing include; filename='/usr/share/syslog-ng<wbr>/include/scl/windowseventlog/p<wbr>lugin.conf', depth='2'<br>[2018-07-04T10:37:37.190661] Global value changed; define='java-module-dir', value='/usr/lib64/syslog-ng/ja<wbr>va-modules'<br>[2018-07-04T10:37:37.190667] Finishing include; filename='/etc/syslog-ng/scl.c<wbr>onf', depth='1'<br>[2018-07-04T10:37:37.190862] Module loaded and initialized successfully; module='system-source'<br>[2018-07-04T10:37:37.190952] Module loaded and initialized successfully; module='sdjournal'<br>[2018-07-04T10:37:37.190996] Finishing include; content='parser generator app-parser', depth='2'<br>[2018-07-04T10:37:37.191184] Module loaded and initialized successfully; module='kvformat'<br>[2018-07-04T10:37:37.191201] Finishing include; content='block parser iptables-parser() at /usr/share/syslog-ng/include/s<wbr>cl/iptables/iptables.conf:23', depth='3'<br>[2018-07-04T10:37:37.191329] Module loaded and initialized successfully; module='csvparser'<br>[2018-07-04T10:37:37.191357] Finishing include; content='block parser sudo-parser() at /usr/share/syslog-ng/include/s<wbr>cl/sudo/sudo.conf:23', depth='3'<br>[2018-07-04T10:37:37.191380] Finishing include; content='parser generator app-parser', depth='2'<br>[2018-07-04T10:37:37.191404] Finishing include; content='source generator system', depth='1'<br>[2018-07-04T10:37:37.191591] Module loaded and initialized successfully; module='afsocket'<br>[2018-07-04T10:37:37.192042] Module loaded and initialized successfully; module='dbparser'<br>[2018-07-04T10:37:37.192158] Module loaded and initialized successfully; module='affile'<br>[2018-07-04T10:37:37.192370] Finishing include; content='block destination elasticsearch2() at /usr/share/syslog-ng/include/s<wbr>cl/elasticsearch/plugin.conf:5<wbr>9', depth='1'<br>[2018-07-04T10:37:37.192738] Module loaded and initialized successfully; module='syslogformat'<br>[2018-07-04T10:37:37.192935] Accepting connections; addr='AF_INET(<a href="http://0.0.0.0:601" target="_blank">0.0.0.0:601</a>)'<br>[2018-07-04T10:37:37.192970] Accepting connections; addr='AF_INET(<a href="http://0.0.0.0:514" target="_blank">0.0.0.0:514</a>)'<br>[2018-07-04T10:37:37.193423] Seeking the journal to the last cursor position; cursor='s=df2c9187264b4bb0a3ad<wbr>dd9aa8fc2c71;i=6d55c;b=4458f11<wbr>42e1f48c0895f522ab1182866;m=87<wbr>d9f8fec7;t=57028562edb9b;x=437<wbr>3623fa660b876'<br>[2018-07-04T10:37:37.193676] Log pattern database reloaded; file='/opt/syslog-ng/etc/patte<wbr>rndb.xml', version='3', pub_date='2010-07-13'<br>[2018-07-04T10:37:37.193712] Processing the time zone file (32bit part); filename='/usr/share/zoneinfo/<wbr>UTC'<br>[2018-07-04T10:37:37.193736] Java machine new;<br>[2018-07-04T10:37:37.242506] Can't find class; class_name='org/syslog_ng/Sysl<wbr>ogNgClassLoader'<br>**<br>ERROR:modules/java/native/java<wbr>_machine.c:206:java_machine_ge<wbr>t_class_loader: assertion failed: (self->loader)<br>Aborted (core dumped)<br></div><div class="gmail_extra"><br></div><div class="gmail_extra"><br></div><div class="gmail_extra"><br></div><div class="gmail_extra"><br></div></div>
<br>______________________________<wbr>______________________________<wbr>__________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailm<wbr>an/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/support<wbr>/documentation/?product=syslog<wbr>-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/sy<wbr>slog-ng-faq</a><br>
<br>
<br></blockquote></div><br></div>
</blockquote></div><br></div></div><span class="m_6620463346098072690m_-7736893373379401804m_487904418277037847HOEnZb"><font color="#888888">
-- <br>
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.</font></span></div></blockquote></div><br></div>
</div></div></blockquote></div><br></div>
</div></div><br>______________________________<wbr>______________________________<wbr>__________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailm<wbr>an/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/support<wbr>/documentation/?product=<wbr>syslog-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/sy<wbr>slog-ng-faq</a><br>
<br>
<br></blockquote></div><br></div>
</div></div><br>______________________________<wbr>______________________________<wbr>__________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/<wbr>mailman/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/<wbr>support/documentation/?<wbr>product=syslog-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/<wbr>syslog-ng-faq</a><br>
<br>
<br></blockquote></div><br></div>