What is all this junk (msftedit and \par)?  Did you copy this file off and edit it on a windows machine?  Can you find an the original syslog-ng.conf that was shipped with the machine and edit that with 'vi' or something?   Is syslog-ng even running?  It probably barfed on this config.. grep for syslog-ng in your /var/log/messages and send the last few lines.

{\*\generator Msftedit 5.41.15.1515;}\viewkind4\uc1\pard\f0\fs20 #\par
# /etc/syslog-ng/syslog-ng.conf\par
#\par
# Automatically generated by SuSEconfig on Sat Aug 15 12:16:03 EDT 2009.\par
#\par
# PLEASE DO NOT EDIT THIS FILE!\par
#\par
# you can modify /etc/syslog-ng/syslog-ng.conf.in instead\par
#\par
#\par
#\par
# File format description can be found in syslog-ng.conf(5)\par
# and /usr/share/doc/packages/syslog-ng/syslog-ng.txt.\par
#\par
\par
#\par
# Global options.\par
#\par
options \{ long_hostnames(off); sync(0); perm(0640); stats(3600); \};\par
\par
#\par
# 'src' is our main source definition. you can add\par
# more sources driver definitions to it, or define\par
# your own sources, i.e.:\par
#\par
#source my_src \{ .... \};\par
#\par
source src \{\par
        #\par
        # include internal syslog-ng messages\par
        # note: the internal() soure is required!\par
        #\par
        internal();\par


On Sat, Aug 15, 2009 at 12:19 PM, <stephen.greenfield@wachovia.com> wrote:

I should have sent more detail originally.

        system:                        SLES10 PatchLevel 1

        release:                syslog-ng-1.6.8-20.18

        server function:                syslog server, collecting syslog's from various clients

        problem:                want to open port 514 to collect syslog info over network

        description:                without changing the default syslog-ng.conf, the server
                                collects local syslog information, I uncomment the udp
                                source entry and restart the daemon.  The syslog-ng
                                then shows listening on various ports, never constant
                                and never port 514.



# netstat -anp | grep LISTEN | grep 53
unix  2      [ ACC ]     STREAM     LISTENING     5364   2161/acpid          /var/run/acpid.socket
unix  2      [ ACC ]     STREAM     LISTENING     5307   2134/resmgrd        /var/run/.resmgr_socket



syslog-ng-bounces@lists.balabit.hu wrote on 08/15/2009 11:09:23 AM:


> Post your config.  Also, try 'netstat -anp |
> grep LISTEN | grep 53' and post that (so there
> is no services resolving issue).
>
> -Matt

> On Sat, Aug 15, 2009 at 10:27 AM, <stephen.
> greenfield@wachovia.com> wrote:
>
> I configure syslog-ng to use udp port 514, on
> the syslog server receiving log messages.  When
> I issue a `netstat -lp | grep syslog` it shows
> different ports but never 514.  Any ideas why?
>
> /steve

______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.campin.net/syslog-ng/faq.html





--
Some men see things as they are and ask why. I see things that never were and ask for initiative rolls.