Hi Zoltan, Thanks to your mail... But I am getting below error....in solaris10 os. Please suggest. bash-3.00# /usr/local/sbin/syslog-ng -d -f /etc/syslog-ng/syslog-ng.conf Error opening file for reading; filename='/proc/kmsg', error='No such file or directory (2)' Error initializing source driver; source='s_sys' \bash-3.00# ls -l /proc/kmsg /proc/kmsg: No such file or directory bash-3.00# From: Zoltán Pallagi [mailto:pzolee@balabit.hu] Sent: Wednesday, April 27, 2011 1:57 PM To: Syslog-ng users' and developers' mailing list Cc: SRamesh Kumar (WI01 - Manage IT) Subject: Re: [syslog-ng] Solaris 10_x86 server. Hi, If you start syslog-ng in debug mode (syslog-ng -Fevd) it will complain about the problems. I've fixed your configuration, the problems were the following: -sun-stream -> sun-streams -created_dirs was given for destinations, it's only a global option Also, you shouldn't declare the same source twice (sun-streams("dev/log")), you can use a source in several log path. E.g.: log { source(s_ext); source(s_sys); destination(d_ext); }; -------------------------------------------- Fixed config: @version: 4.0 options { sync (0); time_reopen (10); log_fifo_size (1000); long_hostnames (off); use_dns (no); use_fqdn (no); create_dirs (yes); keep_hostname (yes); }; source s_sys { file ("/proc/kmsg" log_prefix("kernel: ")); sun-streams ("/dev/log"); internal(); }; # External Source source s_ext { # Standard Syslog udp(); # All interfaces tcp(); # All interfaces on tcp port sun-streams("/dev/log"); # you should remove it and use the s_sys source in the proper log path }; destination d_cons { file("/dev/console"); }; destination d_mesg { file("/var/adm/messages"); }; destination d_mail { file("/var/log/syslog"); }; destination d_auth { file("/var/log/authlog"); }; destination d_mlop { usertty("operator"); }; destination d_mlrt { usertty("root"); }; destination d_mlal { usertty("*"); }; destination d_ext { file("/syslog-ng/$HOST/$YEAR/$MONTH/$DAY/$FACILITY$YEAR$MONTH$DAY" \ owner(root) group(root) perm(0650) dir_perm(0750)); }; filter f_filter1 { level(err) or (level(notice) and facility (auth, kern)); }; filter f_filter2 { level(err) or (facility(kern) and level(notice)) or (facility(daemon) and level(notice)) or (facility(mail) and level(crit)); }; filter f_filter3 { level(alert) or (facility(kern) and level(err)) or (facility(daemon) and level(err)); }; filter f_filter4 { level(alert); }; filter f_filter5 { level(emerg); }; filter f_filter6 { facility(kern) and level(notice); }; filter f_filter7 { facility(mail) and level(debug); }; filter f_filter8 { facility(user) and level(err); }; filter f_filter9 { facility(user) and level(alert); }; log { source(s_sys); filter(f_filter1); destination(d_cons); }; log { source(s_sys); filter(f_filter2); destination(d_mesg); }; log { source(s_sys); filter(f_filter3); destination(d_mlop); }; log { source(s_sys); filter(f_filter4); destination(d_mlrt); }; log { source(s_sys); filter(f_filter5); destination(d_mlal); }; log { source(s_sys); filter(f_filter6); destination(d_auth); }; log { source(s_sys); filter(f_filter7); destination(d_mail); }; log { source(s_sys); filter(f_filter8); destination(d_cons); destination(d_mesg); }; log { source(s_ext); destination(d_ext); }; On 2011-04-27 10:06, sramesh.kumar@wipro.com wrote: Hi All, Can any body help me. Please????? I hve configured syslog-ng in X86 server. Bellow is the configuration. But Logs are not coming under /syslog-ng folder.....if I am wrong in bellow configuration, can you Please Provide step by step configuration Procedure to configure the same... # cat /etc/syslog-ng/syslog-ng.conf options { sync (0); time_reopen (10); log_fifo_size (1000); long_hostnames (off); use_dns (no); use_fqdn (no); create_dirs (yes); keep_hostname (yes); }; source s_sys { file ("/proc/kmsg" log_prefix("kernel: ")); sun-stream ("/dev/log"); internal(); }; # External Source source s_ext { # Standard Syslog udp(); # All interfaces tcp(); # All interfaces on tcp port sun-stream("/dev/log"); }; destination d_cons { file("/dev/console"); }; destination d_mesg { file("/var/adm/messages"); }; destination d_mail { file("/var/log/syslog"); }; destination d_auth { file("/var/log/authlog"); }; destination d_mlop { usertty("operator"); }; destination d_mlrt { usertty("root"); }; destination d_mlal { usertty("*"); }; destination d_ext { file("/syslog-ng/$HOST/$YEAR/$MONTH/$DAY/$FACILITY$YEAR$MONTH$DAY" \ owner(root) group(root) perm(0650) dir_perm(0750) create_dirs(yes)); create_dirs(yes)); }; filter f_filter1 { level(err) or (level(notice) and facility (auth, kern)); }; filter f_filter2 { level(err) or (facility(kern) and level(notice)) or (facility(daemon) and level(notice)) or (facility(mail) and level(crit)); }; filter f_filter3 { level(alert) or (facility(kern) and level(err)) or (facility(daemon) and level(err)); }; filter f_filter4 { level(alert); }; filter f_filter5 { level(emerg); }; filter f_filter6 { facility(kern) and level(notice); }; filter f_filter7 { facility(mail) and level(debug); }; filter f_filter8 { facility(user) and level(err); }; filter f_filter9 { facility(user) and level(alert); }; log { source(s_sys); filter(f_filter1); destination(d_cons); }; log { source(s_sys); filter(f_filter2); destination(d_mesg); }; log { source(s_sys); filter(f_filter3); destination(d_mlop); }; log { source(s_sys); filter(f_filter4); destination(d_mlrt); }; log { source(s_sys); filter(f_filter5); destination(d_mlal); }; log { source(s_sys); filter(f_filter6); destination(d_auth); }; log { source(s_sys); filter(f_filter7); destination(d_mail); }; log { source(s_sys); filter(f_filter8); destination(d_cons); destination(d_mesg); }; log { source(s_ext); destination(d_ext); }; # isainfo -kv 64-bit amd64 kernel modules # cat /etc/release Solaris 10 10/08 s10x_u6wos_07b X86 Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Use is subject to license terms. Assembled 27 October 2008 # pkginfo -l SMCsyslng PKGINST: SMCsyslng NAME: syslogng CATEGORY: application ARCH: x86 VERSION: 2.0.5 BASEDIR: /usr/local VENDOR: BalaBit IT Ltd PSTAMP: Steve Christensen INSTDATE: Apr 20 2011 16:24 EMAIL: steve@smc.vnet.net STATUS: completely installed FILES: 64 installed pathnames 3 shared pathnames 15 directories 2 executables 2163 blocks used (approx) Thanks & Regards, Ramesh Kumar, Wipro Infotech Hyderabad, Mobile: +91 905 221 3330 * : sramesh.kumar@wipro.com Intensity to Win Act with Sensitivity Unyielding Integrity Please do not print this email unless it is absolutely necessary. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html Please do not print this email unless it is absolutely necessary. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com