What is all this junk (msftedit and \par)? Did you copy this file off and edit it on a windows machine? Can you find an the original syslog-ng.conf that was shipped with the machine and edit that with 'vi' or something? Is syslog-ng even running? It probably barfed on this config.. grep for syslog-ng in your /var/log/messages and send the last few lines. {\*\generator Msftedit 5.41.15.1515;}\viewkind4\uc1\pard\f0\fs20 #\par # /etc/syslog-ng/syslog-ng.conf\par #\par # Automatically generated by SuSEconfig on Sat Aug 15 12:16:03 EDT 2009.\par #\par # PLEASE DO NOT EDIT THIS FILE!\par #\par # you can modify /etc/syslog-ng/syslog-ng.conf.in instead\par #\par #\par #\par # File format description can be found in syslog-ng.conf(5)\par # and /usr/share/doc/packages/syslog-ng/syslog-ng.txt.\par #\par \par #\par # Global options.\par #\par options \{ long_hostnames(off); sync(0); perm(0640); stats(3600); \};\par \par #\par # 'src' is our main source definition. you can add\par # more sources driver definitions to it, or define\par # your own sources, i.e.:\par #\par #source my_src \{ .... \};\par #\par source src \{\par #\par # include internal syslog-ng messages\par # note: the internal() soure is required!\par #\par internal();\par On Sat, Aug 15, 2009 at 12:19 PM, <stephen.greenfield@wachovia.com> wrote:
I should have sent more detail originally.
system: SLES10 PatchLevel 1
release: syslog-ng-1.6.8-20.18
server function: syslog server, collecting syslog's from various clients
problem: want to open port 514 to collect syslog info over network
description: without changing the default syslog-ng.conf, the server collects local syslog information, I uncomment the udp source entry and restart the daemon. The syslog-ng then shows listening on various ports, never constant and never port 514.
# netstat -anp | grep LISTEN | grep 53 unix 2 [ ACC ] STREAM LISTENING 5364 2161/acpid /var/run/acpid.socket unix 2 [ ACC ] STREAM LISTENING 5307 2134/resmgrd /var/run/.resmgr_socket
syslog-ng-bounces@lists.balabit.hu wrote on 08/15/2009 11:09:23 AM:
Post your config. Also, try 'netstat -anp | grep LISTEN | grep 53' and post that (so there is no services resolving issue).
-Matt
On Sat, Aug 15, 2009 at 10:27 AM, <stephen. greenfield@wachovia.com> wrote:
I configure syslog-ng to use udp port 514, on the syslog server receiving log messages. When I issue a `netstat -lp | grep syslog` it shows different ports but never 514. Any ideas why?
/steve
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
-- Some men see things as they are and ask why. I see things that never were and ask for initiative rolls.