I did not see your email from 2 minutes before mine. The config i used was this:I removed the content of the filters because it contains IP adresses I would not like to share.I hope that is not to relevant as per the evaluation.You can see from the above email, that these exact filters do match the message
so it should work as far as i can tell.############### Globale Optionen ###############
@version:3.16.1
@include "scl.conf"
options {
chain_hostnames(off); # Standard
flush_lines(0); # Standard
perm(0640); # Standard
stats_freq(3600); # Standard
threaded(yes); # Standard
create-dirs(yes); # erlaubt Syslog-NG, falls noetig, neue Verzeichnisse anzulegen
dir-owner(root); # die neuen Verzeichnisse gehoeren root
dir-perm(0640); # entspricht -rw-r-----, Besitzer: Lesen, Schreiben; Gruppe: Lesen; Alle: Nichts
file-template(t_myLoggingFormat); # legt Standart-Template fuer file Destinations fest };
############### Sources - Quellen ###############
# Fuer interne Nachrichten
source s_myInternalSource {
system(); # von Betriebssystem und aehnlichem
internal(); # Syslog-interne Nachrichten
};
# Fuer Netzwerk-Nachrichten
source s_myNetworkSource {
syslog(
ip(0.0.0.0) #
port(601) # Standardport für legacy RFC 3164 UDP syslog
transport("udp") #
);
syslog(
ip(0.0.0.0) #
port(514) # Non-Standardport
transport("udp") #
);
syslog(
ip(0.0.0.0) # Bedeutet NICHT, das von allen angenommen wird, siehe filter
port(601) # Standardport für RFC 5424 TCP Syslog ist 601
transport("tcp") # TCP, damit Nachrichten garantiert am Ziel ankommen
);
syslog(
ip(0.0.0.0) #
port(514) # Non-Standard Port
transport("tcp") #
);
### UDP ### fuer Checkpoint
#syslog(
# ip(0.0.0.0)
# port(601)
# transport("udp")
#);
#syslog(
# ip(0.0.0.0)
# port(514)
# transport("udp")
#);
};
############### Templates - Vorlagen ###############
# Aufbau des Nachrichteninhalts fuer Dateiziele
template t_myLoggingFormat {
template("$(padding ${FULLHOST} 15 '')|${ISODATE}|PRI:$(padding ${PRI} 3 '')|${MSGHDR} ${MSG}\n");
};# Legacy-Nachrichten werden anders geparst
# Mit Standardtempalte wir die Originalnachricht vollständig in MSG eingefügt
# Fuer Nachrichtenpfad
# Dateiname ist Tag(Nummer innerhalb des Monats)-Kuerzel(Mon, Tue, Wen, Thu, Fri, Sat, Sun)
# zum Beispiel "127.0.0.1/2018/Jan/17-Sat"
template t_destination {
template("${FULLHOST}/${YEAR}/${YEAR}-${MONTH_ABBREV}-${DAY} filter f_checkpoints {.log");
};
############### Filter ###############
# Ein Filter je Quelle
# Filter kann man so machen:
# filter <filter-id>
# {"<macro-or-template>" operator "<value-or-macro-or-template>"};
# oder mit Functions
filter f_noDebug {
level(emerg..info);# Schließt Debug-Nachrichten aus
};
filter f_networkfilter {
};
};
############### Rewrite Rules ######################
rewrite r_checkpoint_remove_irrelevant {
subst(
'\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} - ',
'',
type("pcre"),
value("MESSAGE") flags("utf8" "store-matches")
);
};
############### Ziele - Destinations ###############
# Ein Ziel fuer jede IP-Adresse, Jahr, Monat, Tag, etc
destination d_myDestination{
file("/var/log/syslog-ng/$FULLHOST/$YEAR/$YEAR-$MONTH-$ ############### Log-Pfade ###############DAY.log"
create_dirs(yes)
);
};
destination d_testination{
file("/var/log/syslog-ng/test/$FULLHOST/$YEAR/$YEAR-$MONTH-$ DAY.log"
create_dirs(yes)
);
};
#
log {
source(s_myNetworkSource);# Fuer TCP und UDP Nachrichten von allen Clients filter(f_networkfilter);
source(s_myInternalSource);# interne Nachrichten # Nur 10.27.221er, 222er, 231er und 27er Netz
filter(f_noDebug);# alle außer debug log { # for testing purposes
destination(d_myDestination);# universal Ziel; siehe Template
};
#
source(s_myNetworkSource);
filter(f_checkpoints);# Nur Checkpoint-Non-Standard
filter(f_noDebug);
# rewrite(r_checkpoint_remove_irrelevant);
destination(d_myDestination);
};
#
#log { # for testing purposes
# source(s_myNetworkSource);
# source { syslog( ip( 0.0.0.0) transport("udp") flags(syslog-protocol); };
# destination(d_testination);
#};
############################## ENDE ##############################g-ng.conf:85:19', msg='0x7ff5a40168c0'
[2018-07-04T16:15:27.124696] <<<<<< filter rule evaluation result; result='MATCH - Forwarding message to the next LogPipe', rule='f_checkpoints', location='/etc/syslog-ng/syslog-ng.conf:98:23', msg='0x7ff5a40168c0'
[2018-07-04T16:15:27.124709] <<<<<< Source side message processing finish; instance='0.0.0.0', location='/etc/syslog-ng/syslog-ng.conf:33:2', msg='0x7ff5a40168c0'
Floating point exception (core dumped)and there are not messages writen the (local) file destination.Could this be another issue with the build or is that my config?The odd thing is i already reverted to an older config which was previously verified functionalSincerelyNiklas Deffner2018-07-04 15:37 GMT+02:00 Niklas Deffner <niklastai97@gmail.com>:
Hi,
Thank you for the explanation.
Is that also the reason why logging (in my case)does not work at all in this current state, no matter the config used, even 'crashless'?
Sincerely
Niklas Deffner--Am 4. Juli 2018 15:29:10 MESZ schrieb "Szemere, László" <laszlo.szemere@balabit.com>:Hello T4iga,Your error message helped a lot, Thank You. It successfully leaded us here: https://github.com/balabit/syslog-ng/blob/41f7c202cb25 433feb0fa9496960599a53b58522/m odules/java/native/java-class- loader.c#L51 From this @Czanik and me figured out it was a configuration/packaging error. Peter immediately created a new build, which worked well on his local machine.The opensuse building is still running: https://build.opensuse.org/package/show/home:czanik , please update your packages with the finished output.:syslog-ng316/syslog-ng Best regards,LaciOn Wed, Jul 4, 2018 at 10:51 AM, T4iga <niklastai97@gmail.com> wrote:2018-07-04 10:23 GMT+02:00 Fabien Wernli <wernli@in2p3.fr>:In order to put aside any systemd complexities,
let's try to run syslog-ng in the foreground:
export LD_LIBRARY_PATH=/usr/lib64/jvm/java-1.8.0-openjdk-1.8.0/jre/ lib/amd64/server
syslog-ng -Fdv
What happens then?
____________________________________________________________ __________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog -ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
I got an error that lead me to correct another semantic error I made.After correcting that it still crashes:I suppose the initialization stuff is irrelevant as there are not errors apart from the end:[2018-07-04T10:37:37.193736] Java machine new;
[2018-07-04T10:37:37.242506] Can't find class; class_name='org/syslog_ng/SyslogNgClassLoader'
**
ERROR:modules/java/native/java_machine.c:206:java_machine_ge t_class_loader: assertion failed: (self->loader)
Aborted (core dumped)Just in case the full thing is needed:# syslog-ng -Fdv
[2018-07-04T10:37:37.182933] Systemd is detected as the running init system;
[2018-07-04T10:37:37.184634] Module loaded and initialized successfully; module='mod-java'
[2018-07-04T10:37:37.184664] Starting to read include file; filename='/etc/syslog-ng/scl.conf', depth='1'
[2018-07-04T10:37:37.184921] Adding include file; filename='/usr/share/syslog-ng/include/scl/apache/apache.con f', depth='2'
[2018-07-04T10:37:37.184927] Adding include file; filename='/usr/share/syslog-ng/include/scl/cim/adapter.conf' , depth='2'
[2018-07-04T10:37:37.184930] Adding include file; filename='/usr/share/syslog-ng/include/scl/cim/template.conf ', depth='2'
[2018-07-04T10:37:37.184932] Adding include file; filename='/usr/share/syslog-ng/include/scl/cisco/plugin.conf ', depth='2'
[2018-07-04T10:37:37.184934] Adding include file; filename='/usr/share/syslog-ng/include/scl/default-network-d rivers/plugin.conf', depth='2'
[2018-07-04T10:37:37.184937] Adding include file; filename='/usr/share/syslog-ng/include/scl/elasticsearch/plu gin.conf', depth='2'
[2018-07-04T10:37:37.184940] Adding include file; filename='/usr/share/syslog-ng/include/scl/ewmm/ewmm.conf', depth='2'
[2018-07-04T10:37:37.184942] Adding include file; filename='/usr/share/syslog-ng/include/scl/graphite/plugin.c onf', depth='2'
[2018-07-04T10:37:37.184945] Adding include file; filename='/usr/share/syslog-ng/include/scl/graylog2/plugin.c onf', depth='2'
[2018-07-04T10:37:37.184947] Adding include file; filename='/usr/share/syslog-ng/include/scl/hdfs/plugin.conf' , depth='2'
[2018-07-04T10:37:37.184951] Adding include file; filename='/usr/share/syslog-ng/include/scl/iptables/iptables .conf', depth='2'
[2018-07-04T10:37:37.184955] Adding include file; filename='/usr/share/syslog-ng/include/scl/kafka/plugin.conf ', depth='2'
[2018-07-04T10:37:37.184959] Adding include file; filename='/usr/share/syslog-ng/include/scl/loadbalancer/plug in.conf', depth='2'
[2018-07-04T10:37:37.184962] Adding include file; filename='/usr/share/syslog-ng/include/scl/loggly/loggly.con f', depth='2'
[2018-07-04T10:37:37.184966] Adding include file; filename='/usr/share/syslog-ng/include/scl/logmatic/logmatic .conf', depth='2'
[2018-07-04T10:37:37.184969] Adding include file; filename='/usr/share/syslog-ng/include/scl/mbox/mbox.conf', depth='2'
[2018-07-04T10:37:37.184972] Adding include file; filename='/usr/share/syslog-ng/include/scl/nodejs/plugin.con f', depth='2'
[2018-07-04T10:37:37.184975] Adding include file; filename='/usr/share/syslog-ng/include/scl/osquery/plugin.co nf', depth='2'
[2018-07-04T10:37:37.184978] Adding include file; filename='/usr/share/syslog-ng/include/scl/pacct/plugin.conf ', depth='2'
[2018-07-04T10:37:37.184981] Adding include file; filename='/usr/share/syslog-ng/include/scl/rewrite/cc-mask.c onf', depth='2'
[2018-07-04T10:37:37.184984] Adding include file; filename='/usr/share/syslog-ng/include/scl/snmptrap/snmptrap d-source.conf', depth='2'
[2018-07-04T10:37:37.184988] Adding include file; filename='/usr/share/syslog-ng/include/scl/solaris/plugin.co nf', depth='2'
[2018-07-04T10:37:37.184991] Adding include file; filename='/usr/share/syslog-ng/include/scl/sudo/sudo.conf', depth='2'
[2018-07-04T10:37:37.184994] Adding include file; filename='/usr/share/syslog-ng/include/scl/syslogconf/plugin .conf', depth='2'
[2018-07-04T10:37:37.184998] Adding include file; filename='/usr/share/syslog-ng/include/scl/system/plugin.con f', depth='2'
[2018-07-04T10:37:37.185001] Adding include file; filename='/usr/share/syslog-ng/include/scl/windowseventlog/p lugin.conf', depth='2'
[2018-07-04T10:37:37.185007] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/apache/apache.con f', depth='2'
[2018-07-04T10:37:37.185044] Reading path for candidate modules; path='/usr/lib64/syslog-ng'
[2018-07-04T10:37:37.185080] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libjvm.so', module='jvm'
[2018-07-04T10:37:37.185117] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libadd-contextual-data.so', module='add-contextual-data'
[2018-07-04T10:37:37.185182] Registering candidate plugin; module='add-contextual-data', context='parser', name='add_contextual_data'
[2018-07-04T10:37:37.185201] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libaffile.so', module='affile'
[2018-07-04T10:37:37.185271] Registering candidate plugin; module='affile', context='source', name='file'
[2018-07-04T10:37:37.185277] Registering candidate plugin; module='affile', context='source', name='pipe'
[2018-07-04T10:37:37.185280] Registering candidate plugin; module='affile', context='source', name='wildcard_file'
[2018-07-04T10:37:37.185283] Registering candidate plugin; module='affile', context='source', name='stdin'
[2018-07-04T10:37:37.185286] Registering candidate plugin; module='affile', context='destination', name='file'
[2018-07-04T10:37:37.185289] Registering candidate plugin; module='affile', context='destination', name='pipe'
[2018-07-04T10:37:37.185303] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libafmongodb.so', module='afmongodb'
[2018-07-04T10:37:37.185613] Registering candidate plugin; module='afmongodb', context='destination', name='mongodb'
[2018-07-04T10:37:37.185640] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libafprog.so', module='afprog'
[2018-07-04T10:37:37.185702] Registering candidate plugin; module='afprog', context='source', name='program'
[2018-07-04T10:37:37.185707] Registering candidate plugin; module='afprog', context='destination', name='program'
[2018-07-04T10:37:37.185720] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libafsocket.so', module='afsocket'
[2018-07-04T10:37:37.185867] Registering candidate plugin; module='afsocket', context='source', name='unix-stream'
[2018-07-04T10:37:37.185872] Registering candidate plugin; module='afsocket', context='destination', name='unix-stream'
[2018-07-04T10:37:37.185876] Registering candidate plugin; module='afsocket', context='source', name='unix-dgram'
[2018-07-04T10:37:37.185879] Registering candidate plugin; module='afsocket', context='destination', name='unix-dgram'
[2018-07-04T10:37:37.185883] Registering candidate plugin; module='afsocket', context='source', name='tcp'
[2018-07-04T10:37:37.185886] Registering candidate plugin; module='afsocket', context='destination', name='tcp'
[2018-07-04T10:37:37.185889] Registering candidate plugin; module='afsocket', context='source', name='tcp6'
[2018-07-04T10:37:37.185892] Registering candidate plugin; module='afsocket', context='destination', name='tcp6'
[2018-07-04T10:37:37.185896] Registering candidate plugin; module='afsocket', context='source', name='udp'
[2018-07-04T10:37:37.185899] Registering candidate plugin; module='afsocket', context='destination', name='udp'
[2018-07-04T10:37:37.185902] Registering candidate plugin; module='afsocket', context='source', name='udp6'
[2018-07-04T10:37:37.185906] Registering candidate plugin; module='afsocket', context='destination', name='udp6'
[2018-07-04T10:37:37.185909] Registering candidate plugin; module='afsocket', context='source', name='syslog'
[2018-07-04T10:37:37.185912] Registering candidate plugin; module='afsocket', context='destination', name='syslog'
[2018-07-04T10:37:37.185915] Registering candidate plugin; module='afsocket', context='source', name='network'
[2018-07-04T10:37:37.185921] Registering candidate plugin; module='afsocket', context='destination', name='network'
[2018-07-04T10:37:37.185924] Registering candidate plugin; module='afsocket', context='source', name='systemd-syslog'
[2018-07-04T10:37:37.185951] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libafstomp.so', module='afstomp'
[2018-07-04T10:37:37.186009] Registering candidate plugin; module='afstomp', context='destination', name='stomp'
[2018-07-04T10:37:37.186024] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libafuser.so', module='afuser'
[2018-07-04T10:37:37.186077] Registering candidate plugin; module='afuser', context='destination', name='usertty'
[2018-07-04T10:37:37.186090] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libappmodel.so', module='appmodel'
[2018-07-04T10:37:37.186142] Registering candidate plugin; module='appmodel', context='root', name='application'
[2018-07-04T10:37:37.186147] Registering candidate plugin; module='appmodel', context='parser', name='app-parser'
[2018-07-04T10:37:37.186159] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libbasicfuncs.so', module='basicfuncs'
[2018-07-04T10:37:37.186227] Registering candidate plugin; module='basicfuncs', context='template-func', name='grep'
[2018-07-04T10:37:37.186232] Registering candidate plugin; module='basicfuncs', context='template-func', name='if'
[2018-07-04T10:37:37.186235] Registering candidate plugin; module='basicfuncs', context='template-func', name='or'
[2018-07-04T10:37:37.186239] Registering candidate plugin; module='basicfuncs', context='template-func', name='context-lookup'
[2018-07-04T10:37:37.186242] Registering candidate plugin; module='basicfuncs', context='template-func', name='context-length'
[2018-07-04T10:37:37.186246] Registering candidate plugin; module='basicfuncs', context='template-func', name='context-values'
[2018-07-04T10:37:37.186249] Registering candidate plugin; module='basicfuncs', context='template-func', name='echo'
[2018-07-04T10:37:37.186252] Registering candidate plugin; module='basicfuncs', context='template-func', name='length'
[2018-07-04T10:37:37.186256] Registering candidate plugin; module='basicfuncs', context='template-func', name='substr'
[2018-07-04T10:37:37.186259] Registering candidate plugin; module='basicfuncs', context='template-func', name='strip'
[2018-07-04T10:37:37.186262] Registering candidate plugin; module='basicfuncs', context='template-func', name='sanitize'
[2018-07-04T10:37:37.186265] Registering candidate plugin; module='basicfuncs', context='template-func', name='lowercase'
[2018-07-04T10:37:37.186269] Registering candidate plugin; module='basicfuncs', context='template-func', name='uppercase'
[2018-07-04T10:37:37.186272] Registering candidate plugin; module='basicfuncs', context='template-func', name='replace-delimiter'
[2018-07-04T10:37:37.186276] Registering candidate plugin; module='basicfuncs', context='template-func', name='padding'
[2018-07-04T10:37:37.186279] Registering candidate plugin; module='basicfuncs', context='template-func', name='binary'
[2018-07-04T10:37:37.186282] Registering candidate plugin; module='basicfuncs', context='template-func', name='dirname'
[2018-07-04T10:37:37.186285] Registering candidate plugin; module='basicfuncs', context='template-func', name='basename'
[2018-07-04T10:37:37.186289] Registering candidate plugin; module='basicfuncs', context='template-func', name='list-concat'
[2018-07-04T10:37:37.186292] Registering candidate plugin; module='basicfuncs', context='template-func', name='list-head'
[2018-07-04T10:37:37.186295] Registering candidate plugin; module='basicfuncs', context='template-func', name='list-nth'
[2018-07-04T10:37:37.186299] Registering candidate plugin; module='basicfuncs', context='template-func', name='list-tail'
[2018-07-04T10:37:37.186302] Registering candidate plugin; module='basicfuncs', context='template-func', name='list-slice'
[2018-07-04T10:37:37.186306] Registering candidate plugin; module='basicfuncs', context='template-func', name='list-count'
[2018-07-04T10:37:37.186309] Registering candidate plugin; module='basicfuncs', context='template-func', name='list-append'
[2018-07-04T10:37:37.186312] Registering candidate plugin; module='basicfuncs', context='template-func', name='+'
[2018-07-04T10:37:37.186315] Registering candidate plugin; module='basicfuncs', context='template-func', name='-'
[2018-07-04T10:37:37.186319] Registering candidate plugin; module='basicfuncs', context='template-func', name='*'
[2018-07-04T10:37:37.186322] Registering candidate plugin; module='basicfuncs', context='template-func', name='/'
[2018-07-04T10:37:37.186325] Registering candidate plugin; module='basicfuncs', context='template-func', name='%'
[2018-07-04T10:37:37.186328] Registering candidate plugin; module='basicfuncs', context='template-func', name='sum'
[2018-07-04T10:37:37.186332] Registering candidate plugin; module='basicfuncs', context='template-func', name='min'
[2018-07-04T10:37:37.186335] Registering candidate plugin; module='basicfuncs', context='template-func', name='max'
[2018-07-04T10:37:37.186338] Registering candidate plugin; module='basicfuncs', context='template-func', name='average'
[2018-07-04T10:37:37.186341] Registering candidate plugin; module='basicfuncs', context='template-func', name='ipv4-to-int'
[2018-07-04T10:37:37.186345] Registering candidate plugin; module='basicfuncs', context='template-func', name='indent-multi-line'
[2018-07-04T10:37:37.186348] Registering candidate plugin; module='basicfuncs', context='template-func', name='env'
[2018-07-04T10:37:37.186351] Registering candidate plugin; module='basicfuncs', context='template-func', name='template'
[2018-07-04T10:37:37.186355] Registering candidate plugin; module='basicfuncs', context='template-func', name='urlencode'
[2018-07-04T10:37:37.186367] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libcef.so', module='cef'
[2018-07-04T10:37:37.186418] Registering candidate plugin; module='cef', context='template-func', name='format-cef-extension'
[2018-07-04T10:37:37.186430] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libconfgen.so', module='confgen'
[2018-07-04T10:37:37.186486] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libcryptofuncs.so', module='cryptofuncs'
[2018-07-04T10:37:37.186538] Registering candidate plugin; module='cryptofuncs', context='template-func', name='uuid'
[2018-07-04T10:37:37.186543] Registering candidate plugin; module='cryptofuncs', context='template-func', name='hash'
[2018-07-04T10:37:37.186547] Registering candidate plugin; module='cryptofuncs', context='template-func', name='sha1'
[2018-07-04T10:37:37.186550] Registering candidate plugin; module='cryptofuncs', context='template-func', name='sha256'
[2018-07-04T10:37:37.186554] Registering candidate plugin; module='cryptofuncs', context='template-func', name='sha512'
[2018-07-04T10:37:37.186561] Registering candidate plugin; module='cryptofuncs', context='template-func', name='md4'
[2018-07-04T10:37:37.186565] Registering candidate plugin; module='cryptofuncs', context='template-func', name='md5'
[2018-07-04T10:37:37.186576] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libcsvparser.so', module='csvparser'
[2018-07-04T10:37:37.186628] Registering candidate plugin; module='csvparser', context='parser', name='csv-parser'
[2018-07-04T10:37:37.186641] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libdate.so', module='date'
[2018-07-04T10:37:37.186693] Registering candidate plugin; module='date', context='parser', name='date-parser'
[2018-07-04T10:37:37.186705] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libdbparser.so', module='dbparser'
[2018-07-04T10:37:37.186777] Registering candidate plugin; module='dbparser', context='parser', name='db-parser'
[2018-07-04T10:37:37.186782] Registering candidate plugin; module='dbparser', context='parser', name='grouping-by'
[2018-07-04T10:37:37.186795] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libdisk-buffer.so', module='disk-buffer'
[2018-07-04T10:37:37.186849] Registering candidate plugin; module='disk-buffer', context='inner-dest', name='disk_buffer'
[2018-07-04T10:37:37.186863] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libgraphite.so', module='graphite'
[2018-07-04T10:37:37.186911] Registering candidate plugin; module='graphite', context='template-func', name='graphite_output'
[2018-07-04T10:37:37.186924] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libhook-commands.so', module='hook-commands'
[2018-07-04T10:37:37.186974] Registering candidate plugin; module='hook-commands', context='inner-dest', name='hook-commands'
[2018-07-04T10:37:37.186979] Registering candidate plugin; module='hook-commands', context='inner-src', name='hook-commands'
[2018-07-04T10:37:37.186990] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libjson-plugin.so', module='json-plugin'
[2018-07-04T10:37:37.187083] Registering candidate plugin; module='json-plugin', context='parser', name='json-parser'
[2018-07-04T10:37:37.187088] Registering candidate plugin; module='json-plugin', context='template-func', name='format_json'
[2018-07-04T10:37:37.187105] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libkvformat.so', module='kvformat'
[2018-07-04T10:37:37.187159] Registering candidate plugin; module='kvformat', context='parser', name='kv-parser'
[2018-07-04T10:37:37.187164] Registering candidate plugin; module='kvformat', context='parser', name='linux-audit-parser'
[2018-07-04T10:37:37.187168] Registering candidate plugin; module='kvformat', context='template-func', name='format-welf'
[2018-07-04T10:37:37.187179] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='liblinux-kmsg-format.so', module='linux-kmsg-format'
[2018-07-04T10:37:37.187229] Registering candidate plugin; module='linux-kmsg-format', context='format', name='linux-kmsg'
[2018-07-04T10:37:37.187242] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libmap-value-pairs.so', module='map-value-pairs'
[2018-07-04T10:37:37.187293] Registering candidate plugin; module='map-value-pairs', context='parser', name='map_value_pairs'
[2018-07-04T10:37:37.187306] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libpseudofile.so', module='pseudofile'
[2018-07-04T10:37:37.187358] Registering candidate plugin; module='pseudofile', context='destination', name='pseudofile'
[2018-07-04T10:37:37.187371] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libsdjournal.so', module='sdjournal'
[2018-07-04T10:37:37.187425] Registering candidate plugin; module='sdjournal', context='source', name='systemd-journal'
[2018-07-04T10:37:37.187438] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libsnmptrapd-parser.so', module='snmptrapd-parser'
[2018-07-04T10:37:37.187489] Registering candidate plugin; module='snmptrapd-parser', context='parser', name='snmptrapd-parser'
[2018-07-04T10:37:37.187502] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libstardate.so', module='stardate'
[2018-07-04T10:37:37.187553] Registering candidate plugin; module='stardate', context='template-func', name='stardate'
[2018-07-04T10:37:37.187566] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libsyslogformat.so', module='syslogformat'
[2018-07-04T10:37:37.187618] Registering candidate plugin; module='syslogformat', context='format', name='syslog'
[2018-07-04T10:37:37.187624] Registering candidate plugin; module='syslogformat', context='parser', name='syslog-parser'
[2018-07-04T10:37:37.187635] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libsystem-source.so', module='system-source'
[2018-07-04T10:37:37.187684] Registering candidate plugin; module='system-source', context='source', name='system'
[2018-07-04T10:37:37.187697] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libtags-parser.so', module='tags-parser'
[2018-07-04T10:37:37.187747] Registering candidate plugin; module='tags-parser', context='parser', name='tags-parser'
[2018-07-04T10:37:37.187760] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libtfgetent.so', module='tfgetent'
[2018-07-04T10:37:37.187809] Registering candidate plugin; module='tfgetent', context='template-func', name='getent'
[2018-07-04T10:37:37.187821] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libxml.so', module='xml'
[2018-07-04T10:37:37.187873] Registering candidate plugin; module='xml', context='parser', name='xml'
[2018-07-04T10:37:37.187886] Reading shared object for a candidate module; path='/usr/lib64/syslog-ng', fname='libmod-java.so', module='mod-java'
[2018-07-04T10:37:37.187891] Registering candidate plugin; module='mod-java', context='options', name='jvm_options'
[2018-07-04T10:37:37.187896] Registering candidate plugin; module='mod-java', context='destination', name='java'
[2018-07-04T10:37:37.187948] Finishing include; filename='/usr/share/syslog-ng/include/scl/apache/apache.con f', depth='2'
[2018-07-04T10:37:37.187961] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/cim/adapter.conf' , depth='2'
[2018-07-04T10:37:37.188052] Module loaded and initialized successfully; module='appmodel'
[2018-07-04T10:37:37.188086] Finishing include; filename='/usr/share/syslog-ng/include/scl/cim/adapter.conf' , depth='2'
[2018-07-04T10:37:37.188098] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/cim/template.conf ', depth='2'
[2018-07-04T10:37:37.188223] Module loaded and initialized successfully; module='json-plugin'
[2018-07-04T10:37:37.188348] Finishing include; filename='/usr/share/syslog-ng/include/scl/cim/template.conf ', depth='2'
[2018-07-04T10:37:37.188362] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/cisco/plugin.conf ', depth='2'
[2018-07-04T10:37:37.188486] Finishing include; filename='/usr/share/syslog-ng/include/scl/cisco/plugin.conf ', depth='2'
[2018-07-04T10:37:37.188497] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/default-network-d rivers/plugin.conf', depth='2'
[2018-07-04T10:37:37.188579] Finishing include; filename='/usr/share/syslog-ng/include/scl/default-network-d rivers/plugin.conf', depth='2'
[2018-07-04T10:37:37.188590] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/elasticsearch/plu gin.conf', depth='2'
[2018-07-04T10:37:37.188623] Attempted to register the same plugin multiple times, dropping the old one; context='parser', name='json-parser'
[2018-07-04T10:37:37.188629] Attempted to register the same plugin multiple times, dropping the old one; context='template-func', name='format_json'
[2018-07-04T10:37:37.188632] Module loaded and initialized successfully; module='json-plugin'
[2018-07-04T10:37:37.188760] Finishing include; filename='/usr/share/syslog-ng/include/scl/elasticsearch/plu gin.conf', depth='2'
[2018-07-04T10:37:37.188770] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/ewmm/ewmm.conf', depth='2'
[2018-07-04T10:37:37.188822] Attempted to register the same plugin multiple times, dropping the old one; context='parser', name='json-parser'
[2018-07-04T10:37:37.188827] Attempted to register the same plugin multiple times, dropping the old one; context='template-func', name='format_json'
[2018-07-04T10:37:37.188830] Module loaded and initialized successfully; module='json-plugin'
[2018-07-04T10:37:37.189032] Finishing include; filename='/usr/share/syslog-ng/include/scl/ewmm/ewmm.conf', depth='2'
[2018-07-04T10:37:37.189043] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/graphite/plugin.c onf', depth='2'
[2018-07-04T10:37:37.189093] Finishing include; filename='/usr/share/syslog-ng/include/scl/graphite/plugin.c onf', depth='2'
[2018-07-04T10:37:37.189103] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/graylog2/plugin.c onf', depth='2'
[2018-07-04T10:37:37.189137] Attempted to register the same plugin multiple times, dropping the old one; context='parser', name='json-parser'
[2018-07-04T10:37:37.189142] Attempted to register the same plugin multiple times, dropping the old one; context='template-func', name='format_json'
[2018-07-04T10:37:37.189145] Module loaded and initialized successfully; module='json-plugin'
[2018-07-04T10:37:37.189284] Module loaded and initialized successfully; module='basicfuncs'
[2018-07-04T10:37:37.189316] Finishing include; filename='/usr/share/syslog-ng/include/scl/graylog2/plugin.c onf', depth='2'
[2018-07-04T10:37:37.189328] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/hdfs/plugin.conf' , depth='2'
[2018-07-04T10:37:37.189403] Finishing include; filename='/usr/share/syslog-ng/include/scl/hdfs/plugin.conf' , depth='2'
[2018-07-04T10:37:37.189413] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/iptables/iptables .conf', depth='2'
[2018-07-04T10:37:37.189478] Finishing include; filename='/usr/share/syslog-ng/include/scl/iptables/iptables .conf', depth='2'
[2018-07-04T10:37:37.189488] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/kafka/plugin.conf ', depth='2'
[2018-07-04T10:37:37.189548] Finishing include; filename='/usr/share/syslog-ng/include/scl/kafka/plugin.conf ', depth='2'
[2018-07-04T10:37:37.189558] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/loadbalancer/plug in.conf', depth='2'
[2018-07-04T10:37:37.189681] Module loaded and initialized successfully; module='confgen'
[2018-07-04T10:37:37.189703] Finishing include; filename='/usr/share/syslog-ng/include/scl/loadbalancer/plug in.conf', depth='2'
[2018-07-04T10:37:37.189715] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/loggly/loggly.con f', depth='2'
[2018-07-04T10:37:37.189776] Attempted to register the same plugin multiple times, dropping the old one; context='parser', name='json-parser'
[2018-07-04T10:37:37.189781] Attempted to register the same plugin multiple times, dropping the old one; context='template-func', name='format_json'
[2018-07-04T10:37:37.189785] Module loaded and initialized successfully; module='json-plugin'
[2018-07-04T10:37:37.189815] Finishing include; filename='/usr/share/syslog-ng/include/scl/loggly/loggly.con f', depth='2'
[2018-07-04T10:37:37.189825] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/logmatic/logmatic .conf', depth='2'
[2018-07-04T10:37:37.189893] Attempted to register the same plugin multiple times, dropping the old one; context='parser', name='json-parser'
[2018-07-04T10:37:37.189897] Attempted to register the same plugin multiple times, dropping the old one; context='template-func', name='format_json'
[2018-07-04T10:37:37.189900] Module loaded and initialized successfully; module='json-plugin'
[2018-07-04T10:37:37.189926] Finishing include; filename='/usr/share/syslog-ng/include/scl/logmatic/logmatic .conf', depth='2'
[2018-07-04T10:37:37.189936] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/mbox/mbox.conf', depth='2'
[2018-07-04T10:37:37.189980] Finishing include; filename='/usr/share/syslog-ng/include/scl/mbox/mbox.conf', depth='2'
[2018-07-04T10:37:37.189990] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/nodejs/plugin.con f', depth='2'
[2018-07-04T10:37:37.190038] Finishing include; filename='/usr/share/syslog-ng/include/scl/nodejs/plugin.con f', depth='2'
[2018-07-04T10:37:37.190048] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/osquery/plugin.co nf', depth='2'
[2018-07-04T10:37:37.190136] Finishing include; filename='/usr/share/syslog-ng/include/scl/osquery/plugin.co nf', depth='2'
[2018-07-04T10:37:37.190146] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/pacct/plugin.conf ', depth='2'
[2018-07-04T10:37:37.190189] Finishing include; filename='/usr/share/syslog-ng/include/scl/pacct/plugin.conf ', depth='2'
[2018-07-04T10:37:37.190198] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/rewrite/cc-mask.c onf', depth='2'
[2018-07-04T10:37:37.190246] Global value changed; define='balabit.credit-card-regexp', value='(:4[0-9]{12}(?:[0-9]{3} )?|5[1-5][0-9]{14}|6(?:011|5[0 -9][0-9])[0-9]{12}|3[47][0-9]{ 13}|3(?:0[0-5]|[68][0-9])[0-9] {11}|(?:2131|1800|35d{3})d{11} )'
[2018-07-04T10:37:37.190280] Finishing include; filename='/usr/share/syslog-ng/include/scl/rewrite/cc-mask.c onf', depth='2'
[2018-07-04T10:37:37.190289] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/snmptrap/snmptrap d-source.conf', depth='2'
[2018-07-04T10:37:37.190340] Finishing include; filename='/usr/share/syslog-ng/include/scl/snmptrap/snmptrap d-source.conf', depth='2'
[2018-07-04T10:37:37.190350] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/solaris/plugin.co nf', depth='2'
[2018-07-04T10:37:37.190400] Finishing include; filename='/usr/share/syslog-ng/include/scl/solaris/plugin.co nf', depth='2'
[2018-07-04T10:37:37.190410] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/sudo/sudo.conf', depth='2'
[2018-07-04T10:37:37.190472] Finishing include; filename='/usr/share/syslog-ng/include/scl/sudo/sudo.conf', depth='2'
[2018-07-04T10:37:37.190482] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/syslogconf/plugin .conf', depth='2'
[2018-07-04T10:37:37.190539] Module loaded and initialized successfully; module='confgen'
[2018-07-04T10:37:37.190545] Finishing include; filename='/usr/share/syslog-ng/include/scl/syslogconf/plugin .conf', depth='2'
[2018-07-04T10:37:37.190554] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/system/plugin.con f', depth='2'
[2018-07-04T10:37:37.190593] Finishing include; filename='/usr/share/syslog-ng/include/scl/system/plugin.con f', depth='2'
[2018-07-04T10:37:37.190601] Starting to read include file; filename='/usr/share/syslog-ng/include/scl/windowseventlog/p lugin.conf', depth='2'
[2018-07-04T10:37:37.190643] Finishing include; filename='/usr/share/syslog-ng/include/scl/windowseventlog/p lugin.conf', depth='2'
[2018-07-04T10:37:37.190661] Global value changed; define='java-module-dir', value='/usr/lib64/syslog-ng/java-modules'
[2018-07-04T10:37:37.190667] Finishing include; filename='/etc/syslog-ng/scl.conf', depth='1'
[2018-07-04T10:37:37.190862] Module loaded and initialized successfully; module='system-source'
[2018-07-04T10:37:37.190952] Module loaded and initialized successfully; module='sdjournal'
[2018-07-04T10:37:37.190996] Finishing include; content='parser generator app-parser', depth='2'
[2018-07-04T10:37:37.191184] Module loaded and initialized successfully; module='kvformat'
[2018-07-04T10:37:37.191201] Finishing include; content='block parser iptables-parser() at /usr/share/syslog-ng/include/scl/iptables/iptables.conf:23', depth='3'
[2018-07-04T10:37:37.191329] Module loaded and initialized successfully; module='csvparser'
[2018-07-04T10:37:37.191357] Finishing include; content='block parser sudo-parser() at /usr/share/syslog-ng/include/scl/sudo/sudo.conf:23', depth='3'
[2018-07-04T10:37:37.191380] Finishing include; content='parser generator app-parser', depth='2'
[2018-07-04T10:37:37.191404] Finishing include; content='source generator system', depth='1'
[2018-07-04T10:37:37.191591] Module loaded and initialized successfully; module='afsocket'
[2018-07-04T10:37:37.192042] Module loaded and initialized successfully; module='dbparser'
[2018-07-04T10:37:37.192158] Module loaded and initialized successfully; module='affile'
[2018-07-04T10:37:37.192370] Finishing include; content='block destination elasticsearch2() at /usr/share/syslog-ng/include/scl/elasticsearch/plugin.conf:5 9', depth='1'
[2018-07-04T10:37:37.192738] Module loaded and initialized successfully; module='syslogformat'
[2018-07-04T10:37:37.192935] Accepting connections; addr='AF_INET(0.0.0.0:601)'
[2018-07-04T10:37:37.192970] Accepting connections; addr='AF_INET(0.0.0.0:514)'
[2018-07-04T10:37:37.193423] Seeking the journal to the last cursor position; cursor='s=df2c9187264b4bb0a3addd9aa8fc2c71;i=6d55c;b=4458f11 42e1f48c0895f522ab1182866;m=87 d9f8fec7;t=57028562edb9b;x=437 3623fa660b876'
[2018-07-04T10:37:37.193676] Log pattern database reloaded; file='/opt/syslog-ng/etc/patterndb.xml', version='3', pub_date='2010-07-13'
[2018-07-04T10:37:37.193712] Processing the time zone file (32bit part); filename='/usr/share/zoneinfo/UTC'
[2018-07-04T10:37:37.193736] Java machine new;
[2018-07-04T10:37:37.242506] Can't find class; class_name='org/syslog_ng/SyslogNgClassLoader'
**
ERROR:modules/java/native/java_machine.c:206:java_machine_ge t_class_loader: assertion failed: (self->loader)
Aborted (core dumped)
____________________________________________________________ __________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog -ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.
____________________________________________________________ __________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/? product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq