Can someone shed some light here? I am hoping to get to try the “parser” options, but need to successfully compile first. It appears to be dying at something in the eventlog On Red Hat - 2.6.18-92.1.18.el5 #1 SMP Wed Nov 5 09:00:13 EST 2008 i686 athlon i386 GNU/Linux I have eventlog installed: eventlog-0.2.9+20081116.tar.gz ./configure --enable-ssl=no --enable-dynamic-linking --enable-linux-caps syslog-ng Open Source Edition 3.0+20081116 configured Compiler options: compiler : gcc compiler options : -g -O2 -Wall -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/local/include/eventlog -I/usr/kerberos/include -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 linker flags : prefix : /usr/local Features: Sun STREAMS support : no Sun Door support : no Debug symbols : no GCC profiling : no Memtrace : no IPV6 support : yes spoof-source support : no tcp-wrapper support : yes SSL support : no SQL support : no Linux capability support : yes PCRE support : yes Env wrapper support : no A make gets me here: logwriter.c: In function ‘log_writer_fd_dispatch’: logwriter.c:241: error: ‘LogWriterWatch’ has no member named ‘fd’ make[2]: *** [logwriter.o] Error 1 make[2]: Leaving directory `/usr/local/src/syslog-ng-3.0+20081116/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/usr/local/src/syslog-ng-3.0+20081116' make: *** [all] Error 2 snippet of logwriter.c lines 239-245 239 else if (self->pollfd.revents & (G_IO_ERR)) 240 { 241 msg_error("POLLERR occurred while idle", 242 evt_tag_int("fd", self->fd->fd), 243 NULL); 244 log_writer_broken(self->writer, NC_WRITE_ERROR); 245 } Thank you, Shawn Saunders UNIX Systems Administrator 818.953.2649 WMG, Digital Properties "UNIX is user-friendly ... it's just selective about who its friends are!!"