Hi, is it possible that there's something wrong with eiter 3.0 version of syslog-ng? I tried them both, this one http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.0.1/s... and this one http://www.balabit.com/downloads/files/syslog-ng/sources/3.0.1/source/syslog... By now I also have tried the 2.1.3 version. There, I do not have any of the below described issues. Another thing that popped up in v.3.0 is it seems to ignore the time zone. According to `date +%:z` my test box is configured to +01:00. However, syslog-ng 3.0 insists on logging tz -00:00. I tried to work around this by defining the time_zone in a source definition. Did not help. As I most appreciate the built-in sql logging I think v. 2.1.3 will do perfectly fine. So I'll stick with it. Best, Philipp
Dear list users
In the near future I would like to migrate from syslog-ng 2 to 3.x. For this reason I've set up a linux testbox.
Now, I have a problem I lack to see a solution for.
The syslog-ng testing config:
@version:3.0
## GLOBAL options { chain_hostnames(no); keep_hostname(yes); flush_lines(0); stats_freq(3600); use_dns(persist_only); dns_cache_hosts(/etc/hosts); };
## SOURCES source src { unix-stream("/dev/log"); }; source src-kernel { file("/proc/kmsg" program_override("kernel: ")); }; source src-syslog-ng { internal(); };
## LOGGING TEMPLATES template t_filetmpl { template("$DATE $FACILITY.$PRIORITY $FULLHOST $MSGHDR$MSG\n"); template_escape(no); };
## DESTINATIONS destination local4 { file("/var/log/local4.log" template(t_filetmpl)); };
## FILTERS filter f_local4 { facility(local4); };
## LOGS log { source(src); filter(f_local4); destination(local4); };
For testing I use the logger command: ` logger -p local4.info -t test testnachricht2`. This configuration causes, and I do not see why, lines like these in the /var/log/local4.log file. [empty line] testnachricht2 test: donald.info local4Feb 11 14:26:01Feb 11 14:26:01 local4.info donald test: testnachricht2
However, if I replace the line below "## DESTINATIONS" with destination local4 { file("/var/log/local4.log" template("$DATE $FACILITY.$PRIORITY $FULLHOST $MSGHDR$MSG\n")); };
all is perfect. The logged line looks like this: Feb 11 14:30:22 local4.info donald test: testnachricht2
Please could you tell me what I've missed?
Thanks in advance, Philipp
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html