On Thu, Jun 15, 2000 at 11:52:16AM -0300, Leonardo Marques de Souza wrote:
Its my full syslog-ng.conf
# ----8<------------------------------------------------------------------ # # Syslog-ng configuraç?o para o Conectiva Linux 5.1 # # Copyright (c) 1999 Balazs Scheidler # $Id: syslog-ng.conf,v 1.0 12/06/2000 12:30:41 bazsi Exp $ # # Arquivo de configuraç?o syslog-ng, compatible com o syslogd do Conectiva # # Adaptado por Leo # Leonardo Marques de Souza <leo@conectiva.com.br> #
# Opç?es Padr?o #options { long_hostnames(off); sync(0); };
# ------------------------ # Fontes de Leitura do Log # ------------------------
# Leitura do /dev/log source src { unix-stream("/dev/log"); internal(); };
# Leitura da porta UDP do syslog padr?o (514) # # Por padr?o, ele n?o esta ligado na instalaç?o # Para iniciá-lo, basta descomentar a linha abaixo
source net { udp(ip("10.0.2.4") port(514)); };
# --------------------------- # Destino dos dados Filtrados # ---------------------------
destination remotenet { udp(ip("10.0.0.10") port("514")); };
this should be: destination remotenet { udp("10.0.0.10" port(514)); };
destination console { pipe("/dev/console"); }; destination messages { file("/var/log/messages"); }; destination secure { file("/var/log/secure"); }; destination maillog { file("/var/log/maillog"); }; destination spooler { file("/var/log/spooler"); }; destination boot { file("/var/log/boot.log"); };
# ------------------------ # Configuraç?o dos filtros # ------------------------
filter f_kern { facility(kern); }; filter f_mail { facility(mail); }; filter f_authpriv { facility(authpriv); }; filter f_uucp { facility(cron); }; filter f_news { facility(news); }; filter f_local7 { facility(local7); };
filter f_info { level(info); }; filter f_crit { level(crit); }; filter f_emerg { level(emerg); }; filter f_notice { level(notice); };
# ------------------------ # Arquivos de destino # ------------------------
log { source(src); filter(f_kern); destination(console); }; log { source(src); filter(f_info); destination(messages); }; log { source(src); filter(f_authpriv); destination(secure); }; log { source(src); filter(f_mail); destination(maillog); }; log { source(src); filter(f_uucp); filter(f_crit); destination(spooler); }; log { source(src); filter(f_local7); destination(boot); };
#log { source(src); filter(f_authpriv); destination(remote_net); };
# ---8<---------------------------------------------------------
a more SIMPLE conf :
---------8<----------- options { long_hostnames(off); sync(0); }; source src { unix-stream("/dev/log"); internal(); }; source net { udp(ip(10.0.2.4) port(514)); }; destination messages { file("/var/log/messages"); }; destination remotenet { udp(ip("10.0.0.10") port("514")); };
destination remotenet { udp("10.0.0.10" port(514)); };
filter f_info { level(info); };
log { source(src); filter(f_info); destination(messages); }; log { source(net); filter(f_info); destination(remotenet); }; ------------8<-------------
[root@patolino syslog-ng]# syslog-ng -d -v parse error at 5 Parse error reading configuration file, exiting. [root@patolino syslog-ng]#
other combinations: source net { udp(ip("10.0.2.4") port("514")); }; source net { udp(10.0.2.4 514); }; source net { udp(10.0.2.4, 514); }; source net { udp("10.0.2.4" "514"); }; source net { udp(10.0.2.4) port(514); }; source net { udp(10.0.2.4); port(514); }; source net { udp(ip("10.0.2.4") port("514");); }; source net { udp(ip("10.0.2.4") { port("514")};); };
no way... i got same errors :(((
I do not undersand the lex-algoritm in source code ... i will try more...
Any Help?? I would like to do this program to work in our machines (remote log) ...
What i doing wrong?? I see the manuals, helps, web-list.. :(( and why "destination" and "source" have diferent sintax?? too strange... :(
because udp and tcp sources have default IP address (0.0.0.0), specifying an IP is optional, thus it is using the optional parameters syntax.