I’m running syslog-ng 1.6.11 on a Solaris 10 zone, and
so far I’m able to see logs being created locally, but I’m not
seeing any kind of logging from other Solaris hosts. For my syslog-ng
server I made sure that I’m using udp, and for source it’s door. I’ve
two test servers running Solaris 8 and 10 that I’m testing from, and have
changed syslog.conf to reflect the changes and point all my logs to go to
syslog-ng. It’s not the firewall that is blocking it, as we are able
to telnet to port 514 and whatever you type in the cmd prompt it records on
the syslog-ng server. I know I’m missing something in the config
file, but I’m not sure what I’m doing wrong.

My syslog-ng.conf file:

source s_dgram
  { sun-streams("/dev/log" door("/etc/.syslog_door")); };
source s_internal
  { internal(); };
#source s_kernel
#  { pipe("/proc/kmsg" log_prefix("kernel: ")); };
#source s_tcp
#  { tcp(ip(10.1.100.84) port(514) keep-alive(yes) max_connections(100)); };
source s_udp
  { udp(); };

Solaris 8 box syslog.conf file:

#ident  "@(#)syslog.conf  1.5  98/12/14 SMI"  /* SunOS 5.0 */
#
# Copyright (c) 1991-1998 by Sun Microsystems, Inc.
# All rights reserved.
#
# syslog configuration file.
#
# This file is processed by m4 so be careful to quote (`') names
# that match m4 reserved words.  Also, within ifdef's, arguments
# containing commas must be quoted.
#
*.*	@loghost

Maunir Shah