Hi Catenate/All, My syslog-ng is from freebsd port version syslog-ng-1.6.6 . Right now the logs are not separated by their hostname - year - month - day .Instead they are going into one which is the localhost logs which is /var/log/host/localhost/year/month/date/local7 (local7 is from the routers) I wonder why its not creating the remote hosts directory. Hope its clear now. regards fico On 9/30/05, catenate <infosec@gmail.com> wrote:
Frowarding to the list, wish gmail used the reply-to header. :(
---------- Forwarded message ---------- From: catenate < infosec@gmail.com> Date: Sep 29, 2005 7:54 PM Subject: Re: [syslog-ng] syslog-ng not logging To: fico gid <ficohertz@gmail.com>
On 9/29/05, fico gid <ficohertz@gmail.com> wrote:
Hi Again,
Below is the whole syslog-ng.conf file . Yes, it is not separating as in /host/somehost/year/month/day ..
<SNIP>
Let me know if you need more info,
Thanks Fico,
This has to be the first time I've ever seen someone completely omit an options{}; block. Now I know that syslog-ng will gladly use defaults for all the options if/when you leave that out.
Anyways, I'm still not completely clear on how exactly your installation is logging. Are you saying that you have logs going to /var/log/kern.log and the other NON-MACRO destinations, or are you saying that your macro filenames in /var/log/hosts/HOST/YEAR/... are being logged but incorrectly, like /var/log/hosts/YEAR/... ? Please be specific.
I did a syntax check on your config file, and it looks fine to me. What version are you using?
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html