Hi Rodney, "Rodney Bizzell" <hardworker30@gmail.com> írta 2018-11-12 13:28-kor:
So I upgraded to syslog-ng 3.18 and it has syslog-ng-debun options. I was
Just to run syslog-ng-debun, you should not had to upgrade your syslog-ng. syslog-ng-debun is a simple all in one portable shell script which's purpose is to gather information about any kind of syslog-ng installation. Always safe to use the latest one of this from the master branch, as I suggested to download via wget.
reading through the documentation and when I issue syslog-ng-debun -d -P 'port 12201' should I see anything on standard out because all that happen was it displayed the options for the command. That is all that happened
Yepp. In the meantime János Szigetrvári added an extra -r option to the script and that changed the default behaviour. Without the -r option it's just a "--dry-run"-ish parametering. It does nothing, except test the parameters. You can see that changeset following this link: https://github.com/balabit/syslog-ng/commit/f9312f87b758c450c6108abe8da9cf0b... So, from that point on, every syslog-ng-debun command should be replaced with the same, just adding an extra -r option. Which in your case, means: you should've run: syslog-ng-debun -r -d -P 'port 12201'
when I issued the command below in this email. I tried to run syslog-ng-debun -r and that executed and created a tarball.
Yep. This -r -d -P 'port 12201' will also create a tarball. Just a more useful one: It will run tcpdump in the bacground, to collect network traffic at the same time, matching the "port 12201" filtering expression. Btw.: Make sure, you have tcpdump installed on the system. Otherwise the script won't be able to run tcpdump. When you finished, we need that tarball what the script created. Regards, Gyu