Its my full syslog-ng.conf # ----8<------------------------------------------------------------------ # # Syslog-ng configuração para o Conectiva Linux 5.1 # # Copyright (c) 1999 Balazs Scheidler # $Id: syslog-ng.conf,v 1.0 12/06/2000 12:30:41 bazsi Exp $ # # Arquivo de configuração syslog-ng, compatible com o syslogd do Conectiva # # Adaptado por Leo # Leonardo Marques de Souza <leo@conectiva.com.br> # # Opções Padrão #options { long_hostnames(off); sync(0); }; # ------------------------ # Fontes de Leitura do Log # ------------------------ # Leitura do /dev/log source src { unix-stream("/dev/log"); internal(); }; # Leitura da porta UDP do syslog padrão (514) # # Por padrão, ele não esta ligado na instalação # Para iniciá-lo, basta descomentar a linha abaixo source net { udp(ip("10.0.2.4") port(514)); }; # --------------------------- # Destino dos dados Filtrados # --------------------------- destination remotenet { udp(ip("10.0.0.10") port("514")); }; destination console { pipe("/dev/console"); }; destination messages { file("/var/log/messages"); }; destination secure { file("/var/log/secure"); }; destination maillog { file("/var/log/maillog"); }; destination spooler { file("/var/log/spooler"); }; destination boot { file("/var/log/boot.log"); }; # ------------------------ # Configuração dos filtros # ------------------------ filter f_kern { facility(kern); }; filter f_mail { facility(mail); }; filter f_authpriv { facility(authpriv); }; filter f_uucp { facility(cron); }; filter f_news { facility(news); }; filter f_local7 { facility(local7); }; filter f_info { level(info); }; filter f_crit { level(crit); }; filter f_emerg { level(emerg); }; filter f_notice { level(notice); }; # ------------------------ # Arquivos de destino # ------------------------ log { source(src); filter(f_kern); destination(console); }; log { source(src); filter(f_info); destination(messages); }; log { source(src); filter(f_authpriv); destination(secure); }; log { source(src); filter(f_mail); destination(maillog); }; log { source(src); filter(f_uucp); filter(f_crit); destination(spooler); }; log { source(src); filter(f_local7); destination(boot); }; #log { source(src); filter(f_authpriv); destination(remote_net); }; # ---8<--------------------------------------------------------- [root@patolino syslog-ng-1.4.4]# syslog-ng -d -v parse error at 33 Parse error reading configuration file, exiting. [root@patolino syslog-ng-1.4.4]# [root@patolino syslog-ng-1.4.4]# strace syslog-ng -d -v [snips] brk(0x8059000) = 0x8059000 open("/etc/syslog-ng/syslog-ng.conf", O_RDONLY) = 3 brk(0x805e000) = 0x805e000 ioctl(3, TCGETS, 0xbffff834) = -1 ENOTTY (Inappropriate ioctl for device) read(3, "#\n# Syslog-ng configura\347\343o para "..., 8192) = 2121 read(3, "", 6071) = 0 write(2, "parse error at 33\n", 18parse error at 33 ) = 18 close(3) = 0 write(2, "Parse error reading configuratio"..., 49Parse error reading configuration file, exiting. ) = 49 _exit(1) = ? [root@patolino syslog-ng-1.4.4]# Sniff :( not works ... a more SIMPLE conf : ---------8<----------- options { long_hostnames(off); sync(0); }; source src { unix-stream("/dev/log"); internal(); }; source net { udp(ip(10.0.2.4) port(514)); }; destination messages { file("/var/log/messages"); }; destination remotenet { udp(ip("10.0.0.10") port("514")); }; filter f_info { level(info); }; log { source(src); filter(f_info); destination(messages); }; log { source(net); filter(f_info); destination(remotenet); }; ------------8<------------- [root@patolino syslog-ng]# syslog-ng -d -v parse error at 5 Parse error reading configuration file, exiting. [root@patolino syslog-ng]# other combinations: source net { udp(ip("10.0.2.4") port("514")); }; source net { udp(10.0.2.4 514); }; source net { udp(10.0.2.4, 514); }; source net { udp("10.0.2.4" "514"); }; source net { udp(10.0.2.4) port(514); }; source net { udp(10.0.2.4); port(514); }; source net { udp(ip("10.0.2.4") port("514");); }; source net { udp(ip("10.0.2.4") { port("514")};); }; no way... i got same errors :((( I do not undersand the lex-algoritm in source code ... i will try more... Any Help?? I would like to do this program to work in our machines (remote log) ... What i doing wrong?? I see the manuals, helps, web-list.. :(( and why "destination" and "source" have diferent sintax?? too strange... :( Its appers too simple, but i not got any coerent debug to undertand whats happen.. Thanks in advanced, Any help are wellcome. Ps.: im still tring to do this program works with remote log, but fails. Leonardo Marques de Souza +--------------------------+ | Conectiva S/A | |Curitiba - Paraná - Brazil| | Suporte Interno | +--------------------------+ On Thu, 15 Jun 2000, Hamilton, Andrew Mr. wrote:
Yes, there is a problem the line should read
destination remotenet { udp("10.0.0.10" port(514)); };
??? destination remotenet { udp("10.0.0.10"); port(514); }; destination remotenet { udp("10.0.0.10" {port("514")}; ); }; Thanks!! but i tried and nothing happens...
The port statement goes inside the parentheses since it is a function of udp for a destination. sources are a little different. hummm ok.. thanks!