Hello,
Any help?
If it is available online, please help me with a link as I am unable to find anything useful over internet.

On Thu, Feb 6, 2020 at 3:04 PM Abhi Arora <engr.abhiarora@gmail.com> wrote:
"ls -l /dev/log" returns:
> lrwxrwxrwx 1 root root 28 Sep 30 13:28 /dev/log -> /run/systemd/journal/dev-log

"lsof" returns a huge list of open files. I am putting few related to sysnlog

> 363     /usr/sbin/syslog-ng     /dev/null
363     /usr/sbin/syslog-ng     socket:[6284]
363     /usr/sbin/syslog-ng     socket:[6284]
363     /usr/sbin/syslog-ng     anon_inode:[eventpoll]
363     /usr/sbin/syslog-ng     anon_inode:[eventfd]
363     /usr/sbin/syslog-ng     socket:[6522]
363     /usr/sbin/syslog-ng     anon_inode:[eventfd]
363     /usr/sbin/syslog-ng     anon_inode:[eventfd]
363     /usr/sbin/syslog-ng     anon_inode:[eventfd]
363     /usr/sbin/syslog-ng     anon_inode:[eventfd]
363     /usr/sbin/syslog-ng     anon_inode:[eventfd]
363     /usr/sbin/syslog-ng     /var/lib/syslog-ng/syslog-ng.persist
363     /usr/sbin/syslog-ng     socket:[6537]
363     /usr/sbin/syslog-ng     /proc/kmsg
363     /usr/sbin/syslog-ng     anon_inode:[timerfd]

On Thu, Feb 6, 2020 at 2:39 PM Matus UHLAR - fantomas <uhlar@fantomas.sk> wrote:
On 06.02.20 12:30, Abhi Arora wrote:
>I don't see service start fail messages. However, even with the latest
>date, syslog doesn't show any logs from my applications. However,
>journalctl is showing the logs after a latest date update.
>
>source s_src { unix-dgram("/dev/log"); internal();
>             file("/proc/kmsg" program_override("kernel"));
>};

try "ls -l /dev/log"
in this case:

lrwxrwxrwx 1 root root 28 apr 14  2018 /dev/log -> /run/systemd/journal/dev-log

is the log redirected to journald
and in this case:

srw-rw-rw- 1 root root 0 Dec 16 06:54 /dev/log

you can verify it's used by syslog-ng:

# lsof /dev/log
COMMAND    PID USER   FD   TYPE             DEVICE SIZE/OFF NODE NAME
syslog-ng 1747 root   14u  unix 0x00000000364c47ad      0t0 1544 /dev/log type=DGRAM

>On Thu, Feb 6, 2020 at 12:21 PM Nagy Gábor <gabor.hl@gmail.com> wrote:
>
>> I think you need to add /dev/log to unix-dgram.
>>
>> source s_src { unix-dgram("/dev/log");
>> internal();
>>              file("/proc/kmsg" program_override("kernel"));
>> };
>>
>> Regards,
>> Gábor
>>
>>
>> ______________________________________________________________________________
>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Documentation:
>> http://www.balabit.com/support/documentation/?product=syslog-ng
>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>
>>

>______________________________________________________________________________
>Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
>FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>


--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"Where do you want to go to die?" [Microsoft]
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq