Thank you for your reply. I'll try to upgrade syslog-ng or modify configuration. Thnaks. On Fri, 19 Oct 2012 10:33:04 +0200 Gergely Nagy <algernon@balabit.hu> wrote:
Tomoki BENIYA <beniya@bit-isle.co.jp> writes:
I installed syslog-ng3.3.6_3 using ports on FreeBSD9.0-RELEASE(i386). I can't get kernel messages by default configuration. ex. em0: link state changed to DOWN em0: link state changed to UP
But, I can see them using 'cat /dev/klog' after stoppedsyslog-ng. So, I think syslog-ng can't get kermel messages from /dev/klog.
This should be fixed in 3.3.7RC2 (or 3.3.6.91), sysutils/syslog-ng-rc from ports should make upgrading easy.
source s_kern { file("/dev/klog"); };
You might want to use the system() source here, or add a few flags to this:
file("/dev/klog" follow-freq(0) program-override("kernel") flags(no-parse));
-- |8]
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
-- Tomoki BENIYA <beniya@bit-isle.co.jp>