On Mon, Oct 27, 2003 at 04:36:21PM +0800, Santa Lau wrote:
Hi,
I just upgrade the hardware and software of the syslog-ng server to 1.60rc4 from 1.5 to log about 30 firewalls syslog. After upgarde, I did find that nearly half of the firewalls log doesn't write to the file. I did check with tcpdump and it did receive the tons of logs but did't log into the file. The iptables/ipchains has all been disabled. Is there any way to identify the source of problem. Thanks for your help.
I think you should attach strace to the syslog-ng process and check whether it really receives log messages (you should see recvfrom() lines for each message received), it might also be possible that syslog-ng blocks on DNS for example. -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1