Betr.: [syslog-ng]centralized syslog-server.

Hi, For the host you wrote: source s_send { udp(); internal(); }; This means you don't receive message from the local machine (something like unix_dgram("/dev/log"); is missing). So, are you sure you receive any messages on the host via UDP? I think internal doesn't generate any messages by default (I read here last month). Regards, Esteban. |---------+--------------------------------> | | "Jon Hofstad" | | | <Jon.Hofstad@ergo.no>| | | Verzonden door: | | | syslog-ng-admin@lists| | | .balabit.hu | | | | | | | | | 04-12-2002 15:24 | | | Antwoord a.u.b. aan | | | syslog-ng | | | | |---------+-------------------------------->

-------------------------------------------------------------------------------------------------------------------------------| | Aan: "'syslog-ng@lists.balabit.hu'" <syslog-ng@lists.balabit.hu> | | cc: | |Onderwerp: [syslog-ng]centralized syslog-server. | -------------------------------------------------------------------------------------------------------------------------------|

Hello. I`ve set up an syslog-ng server that will receive syslog-messages from different hosts. But I have some problems with my configuration. I was hoping some one could point out what I`m doing wrong.. ---------- This is the host`s configuration: options { sync (0); time_reopen (10); log_fifo_size (1000); long_hostnames (off); use_dns (yes); use_fqdn (no); create_dirs (yes); keep_hostname (yes); }; source s_send { udp(); internal(); }; destination d_send { udp("192.168.80.94"); }; filter f_send { level(info); }; log { source(s_send); filter(f_send); destination(d_send); }; --------------------- AND here`s the server-config: options { sync (0); time_reopen (10); log_fifo_size (1000); long_hostnames (on); use_dns (yes); use_fqdn (no); create_dirs (yes); keep_hostname (yes); }; source crusher-1 { udp(); internal(); }; destination d_crusher-1 { file("/var/log/crusher-1"); }; filter f_crusher-1 { host("192.168.80.141"); } log { source(local); filter(f_filter2); destination(d_mesg); }; ----------- I`ve been snooping my interfaces and the host doesn`t seem to send out any messages via udp.. Hints are welcomed:) /Jon Hofstad _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html ------------------------------------------------------------------------------ De Belastingdienst gebruikt e-mail niet voor officiele mededelingen. ==============================================================================