On 05/17/2016 01:22 PM, Ivan Adji - Krstev wrote:
Hi Robert, Everything is placed as it is. I have put the server and the client in the networ() part the *flags* and still nothing. No template in use.
Here is the configuration of the server:
options { flush_lines (0); time_reopen (10); log_fifo_size (1000); chain_hostnames (off); use_dns (no); use_fqdn (no); create_dirs (no); keep_hostname (yes); };
source s_sys { system(); internal(); network(ip(0.0.0.0) port(6514) flags(syslog-protocol) transport("tls") tls(key_file("/etc/syslog-ng/cert.d/serverkey.pem") cert_file("/etc/syslog-ng/cert.d/servercert.pem") ca_dir("/etc/syslog-ng/ca.d") ) );
};
destination d_mongodb { mongodb( servers("localhost:27017") database("syslog") username("test") password("test123") collection("messages") value-pairs( scope("selected-macros" "nv-pairs" "sdata") ) ); };
And here it is on the client site:
options { flush_lines (0); time_reopen (10); log_fifo_size (1000); chain_hostnames (off); use_dns (no); use_fqdn (no); create_dirs (no); keep_hostname (yes); };
source s_sys { system(); internal(); # udp(ip(0.0.0.0) port(514)); };
destination tls_destination { network("x.x.x.x" port(6514) flags(syslog-protocol) transport("tls") tls( ca_dir("/etc/syslog-ng/ca.d") key_file("/etc/syslog-ng/cert.d/clientkey.pem") cert_file("/etc/syslog-ng/cert.d/clientcert.pem") ) ); };
And i have use the same configuration with MySQL and works perfect now i have problems with MongoDB.
Kind regards Ivan
On 05/17/2016 01:10 PM, Fekete, Róbert wrote:
Hi,
The protocols used in the syslog-ng clients and the syslog-ng server should match. You posted a source that uses the network() driver - I take this is from your server. The destination on your client should also use the network() driver, and that's where you need the flags(syslog-protocol).
Also check your client config to see if it uses a custom template that messes with the message format.
Robert
On Tue, May 17, 2016 at 10:49 AM, Ivan Adji - Krstev <akivanradix@gmail.com <mailto:akivanradix@gmail.com>> wrote:
Any way i put it where i can and on a client but still nothing.
Any other hints ?
Ivan
On 05/17/2016 10:31 AM, Fabien Wernli wrote:
Hi,
On Tue, May 17, 2016 at 10:11:27AM +0200, Ivan Adji - Krstev wrote:
some RFC model 5424. Is there an option to configure the syslog-ng to send this messages in that RFC format ?
Add `flags(syslog-protocol)` to the network destination
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq