Hello All, Thank you for your response. The protocol used is: UDP This is a screenshot that shows that Solaris (where syslog-ng) is running receives the log in two diffrent lines. Can this explain why the flag "no-multi-linme" in syslog-ng (in Solaris) is not working? Thank you so much beforehand. Best regards, Alan Sam [image: Inline image 1] On Wed, Apr 29, 2015 at 5:26 AM, PÁSZTOR György < pasztor@linux.gyakg.u-szeged.hu> wrote:
Hi,
"Alan Sam" <samsiu.a@gmail.com> írta 2015-04-28 11:51-kor:
If more information is required, please do not hesitate to ask for it.
Can you record at least one pair of logs into a pcap file? (On solaris you can use snoop instead of tcpdump, the filtering syntax is very similar, maybe the same, only the switches and options are different from tcpdump) I would look that closer.
Kind regards, György Pásztor
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
