
<div dir="ltr">Hi Attila,<div><br></div><div>No issue.</div><div><br></div><div>Please find the command output as below : (command is line wrapped, so starting is overlapped)</div><div>----------------------------------------------------------------------------------</div><div>~ #<br> -Fedtvin/syslog-ng -f /tandberg/persistent/syslog-ng.conf -p /var/run/syslog-ng<br>[2019-09-26T12:58:18.700543] Unable to detect fully qualified hostname for localhost, use_fqdn() will use the short hostname;<br>[2019-09-26T12:58:18.700953] Processing @include statement; filename='scl.conf', include-path='//etc://share/syslog-ng/include<br>'<br>[2019-09-26T12:58:18.700968] Starting to read include file; filename='//etc/scl.conf', depth='1'<br>[2019-09-26T12:58:18.701037] Processing @include statement; filename='scl/*/*.conf', include-path='//etc://share/syslog-ng/inc<br>lude'<br>[2019-09-26T12:58:18.701063] Global value changed; define='java-module-dir', value='//lib/syslog-ng/java-modules'<br>[2019-09-26T12:58:18.701069] Finishing include; filename='//etc/scl.conf', depth='1'<br>[2019-09-26T12:58:18.701076] Reading path for candidate modules; path='//lib/syslog-ng'<br>[2019-09-26T12:58:18.701108] WARNING: Your configuration file uses an obsoleted keyword, please update your configuration; key<br>word='flush_timeout', change='Some drivers support batch-timeout() instead that you can specify at the destination level.', lo<br>cation='#buffer:15:5'<br>Error parsing source statement, source plugin file not found in /tandberg/persistent/syslog-ng.conf:31:5-31:9:<br>26<br>27      #   Sources<br>28<br>29      source s_everything {<br>30          internal();<br>31---->     file("/proc/kmsg" log-fetch-limit(100) log-iw-size(100));<br>31---->     ^^^^<br>32          #file ("/proc/kmsg" program_override("kernel"));<br>33          unix-dgram("/var/log/log" log-fetch-limit(100) log-iw-size(100));<br>34          udp(ip(127.0.0.1) port(514) log_fetch_limit(100) log_iw_size(100));<br>35      };<br>36<br><br><br>syslog-ng documentation: <a href="https://www.balabit.com/support/documentation?product=syslog-ng-ose">https://www.balabit.com/support/documentation?product=syslog-ng-ose</a><br>contact: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>~ #<br></div><div>----------------------------------------------------------------------------------</div><div><br></div><div>Please let me know anything else if you want to get.</div><div><br></div><div>Regards,</div><div>D Pal</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Sep 26, 2019 at 6:16 PM Attila Szakacs (aszakacs) <<a href="mailto:Attila.Szakacs@oneidentity.com">Attila.Szakacs@oneidentity.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">


<div dir="ltr">

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">

Hi,</div>

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">

<br>

</div>

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">

Sorry, I did not write it clearly, the example command in your case should look like:</div>

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">

<span style="font-size:15px;color:rgb(0,0,0);background-color:rgb(255,255,255);display:inline">#

 /sbin/syslog-ng -f /tandberg/persistent/syslog-ng.conf -p /var/run/syslog-ng.pid -Fedtv</span><br>

</div>

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">

<span style="font-size:15px;color:rgb(0,0,0);background-color:rgb(255,255,255);display:inline"><br>

</span></div>

<div style="color:rgb(0,0,0);background-color:rgb(255,255,255)"><span style="font-size:15px">Best regards,</span></div>

<div style="color:rgb(0,0,0);background-color:rgb(255,255,255)"><span style="font-size:15px">Attila</span></div>

<div id="gmail-m_3111189445706277661appendonsend"></div>

<hr style="display:inline-block;width:98%">

<div id="gmail-m_3111189445706277661divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> syslog-ng <<a href="mailto:syslog-ng-bounces@lists.balabit.hu" target="_blank">syslog-ng-bounces@lists.balabit.hu</a>> on behalf of Debananda Pal <<a href="mailto:debananda.pal@gmail.com" target="_blank">debananda.pal@gmail.com</a>><br>

<b>Sent:</b> Thursday, September 26, 2019 2:22 PM<br>

<b>To:</b> Syslog-ng users' and developers' mailing list <<a href="mailto:syslog-ng@lists.balabit.hu" target="_blank">syslog-ng@lists.balabit.hu</a>><br>

<b>Subject:</b> Re: [syslog-ng] Help needed in configuration file upgrade (from syslog-ng-3.11.1 to syslog-ng-3.23.1)</font>

<div> </div>

</div>

<div>

<div style="background-color:rgb(255,235,156);width:100%;border-style:solid;border-color:rgb(156,101,0);border-width:1pt;padding:2pt;font-size:10pt;line-height:12pt;font-family:Calibri;color:black;text-align:left">

<span style="color:rgb(156,101,0);font-weight:bold">CAUTION:</span> This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.</div>

<br>

<div>

<div dir="ltr">Hi,

<div>Please find the output of the command as below :</div>

<div>-----------------------------------</div>

<div>~ # syslog-ng -Fedtv<br>

[2019-09-26T12:20:03.417562] Unable to detect fully qualified hostname for localhost, use_fqdn() will use the short hostname;<br>

[2019-09-26T12:20:03.417956] Error opening configuration file; filename='//etc/syslog-ng.conf', error='Failed to open file ▒“<br>

//etc/syslog-ng.conf▒”: No such file or directory'<br>

~ #<br>

</div>

<div>-----------------------------------</div>

<div>Actually the file location is different in our target system, we are executing the command as below :</div>

<div># /sbin/syslog-ng -f /tandberg/persistent/syslog-ng.conf -p /var/run/syslog-ng.pid<br>

</div>

<div>-----------------------------------</div>

<div><br>

</div>

<div>Regards,</div>

<div>D Pal</div>

<div><br>

</div>

</div>

<br>

<div>

<div dir="ltr">On Thu, Sep 26, 2019 at 4:22 PM Attila Szakacs (aszakacs) <<a href="mailto:Attila.Szakacs@oneidentity.com" target="_blank">Attila.Szakacs@oneidentity.com</a>> wrote:<br>

</div>

<blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">

<div dir="ltr">

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">

Hi,</div>

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">

<br>

</div>

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">

Could you run syslog-ng with -Fedtv flags and share the output?</div>

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">

<br>

</div>

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">

Best regards,</div>

<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">

Attila</div>

<div id="gmail-m_3111189445706277661x_gmail-m_-3564389212527172433appendonsend"></div>

<hr style="display:inline-block;width:98%">

<div id="gmail-m_3111189445706277661x_gmail-m_-3564389212527172433divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> syslog-ng <<a href="mailto:syslog-ng-bounces@lists.balabit.hu" target="_blank">syslog-ng-bounces@lists.balabit.hu</a>>

 on behalf of Debananda Pal <<a href="mailto:debananda.pal@gmail.com" target="_blank">debananda.pal@gmail.com</a>><br>

<b>Sent:</b> Wednesday, September 25, 2019 4:55 PM<br>

<b>To:</b> <a href="mailto:syslog-ng@lists.balabit.hu" target="_blank">syslog-ng@lists.balabit.hu</a> <<a href="mailto:syslog-ng@lists.balabit.hu" target="_blank">syslog-ng@lists.balabit.hu</a>><br>

<b>Subject:</b> [syslog-ng] Help needed in configuration file upgrade (from syslog-ng-3.11.1 to syslog-ng-3.23.1)</font>

<div> </div>

</div>

<div>

<div style="background-color:rgb(255,235,156);width:100%;border-style:solid;border-color:rgb(156,101,0);border-width:1pt;padding:2pt;font-size:10pt;line-height:12pt;font-family:Calibri;color:black;text-align:left">

<span style="color:rgb(156,101,0);font-weight:bold">CAUTION:</span> This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.</div>

<br>

<div>

<div dir="ltr">

<div>

<div dir="ltr">Hi All,

<div><br>

</div>

<div>Sorry to send the mail to all as I am not aware about individual email id.</div>

<div><br>

</div>

<div>I am trying to upgrade syslog-ng from 3.11.1  to  3.23.1 on Linux and finding some issues as below.</div>

<div>I have changed few parameters like version, include, but at present getting error with file() configuration.</div>

<div>-------------------------------------------------------------------------------------</div>

<div>~ # /sbin/syslog-ng -f /tandberg/persistent/syslog-ng.conf -p /var/run/syslog-ng.pid<br>

[2019-09-25T13:40:11.707232] WARNING: Your configuration file uses an obsoleted keyword, please update your configuration; key<br>

word='flush_timeout', change='Some drivers support batch-timeout() instead that you can specify at the destination level.', lo<br>

cation='#buffer:15:5'<br>

<b>Error parsing source statement, source plugin file not found in /tandberg/persistent/syslog-ng.conf:31:5-31:9:</b><br>

26<br>

27      #   Sources<br>

28<br>

29      source s_everything {<br>

30          internal();<br>

31---->     file("/proc/kmsg" log_fetch_limit(100) log_iw_size(100));<br>

31---->     ^^^^<br>

32          unix_dgram("/var/log/log" log_fetch_limit(100) log_iw_size(100));<br>

33          udp(ip(127.0.0.1) port(514) log_fetch_limit(100) log_iw_size(100));<br>

34      };<br>

35<br>

36      #   Destinations<br>

<br>

syslog-ng documentation: <a href="https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%3Fproduct%3Dsyslog-ng-ose&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C6ce4e3236aca4b3a64a608d7427c5a53%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637050974183237060&sdata=6X4%2FKSYFXwDuseR%2B%2B4wnlC%2FgG4HwbrSMlOG7byPXGBA%3D&reserved=0" target="_blank">

https://www.balabit.com/support/documentation?product=syslog-ng-ose</a><br>

contact: <a href="https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C6ce4e3236aca4b3a64a608d7427c5a53%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637050974183237060&sdata=DTFVzj6ROb4rfAH6w31fmRRnMTFduRzsQQaL9N2fkwk%3D&reserved=0" target="_blank">

https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>

~ #<br>

</div>

<div>-------------------------------------------------------------------------------------  <br>

</div>

<div><br>

</div>

<div>I have attached the syslog-ng.conf file for your kind perusal.</div>

<div>Please give your suggestion on the modified config file.</div>

<div><br>

</div>

<div>Regards,</div>

<div>D Pal</div>

</div>

</div>

</div>

</div>

</div>

</div>

______________________________________________________________________________<br>

Member info: <a href="https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C6ce4e3236aca4b3a64a608d7427c5a53%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637050974183247056&sdata=mBfnED6IQEPX5LXqfn9yp3%2BP%2FCe3GsIBd1H7aWzwsyw%3D&reserved=0" rel="noreferrer" target="_blank">

https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>

Documentation: <a href="https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C6ce4e3236aca4b3a64a608d7427c5a53%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637050974183247056&sdata=NKyFt%2B5WznxZ%2BHw0RmEFWPyxSUbsfcnoUzAoZZJoeg0%3D&reserved=0" rel="noreferrer" target="_blank">

http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>

FAQ: <a href="https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C6ce4e3236aca4b3a64a608d7427c5a53%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637050974183257047&sdata=vn3jyhEzK7qrNfPdGrQxw8nRD%2BtzaijS58S7%2FcNFTXY%3D&reserved=0" rel="noreferrer" target="_blank">

http://www.balabit.com/wiki/syslog-ng-faq</a><br>

<br>

</blockquote>

</div>

</div>

</div>

</div>


______________________________________________________________________________<br>

Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>

Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>

FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/syslog-ng-faq</a><br>

<br>

</blockquote></div>