I got that part fixed thanks Zoltan. My next question is I set up this box (AIX 5.3) to be the central server and configure a client to forward syslog and it looks like the client is doing it:

 

# /usr/sbin/syslogd -d

0821-600 /usr/sbin/syslogd: continuing without SRC support

syslogd: bind: errno = 67

logmsg: pri 53, flags 8, from t01labax08, msg syslogd: bind: errno = 67

off & running....

init

cfline(*.debug  @10.13.6.83)

cfline(*.debug;mail.none        @10.13.6.83)

cfline(*.crit   @10.13.6.83)

cfline(mail.debug       @10.13.6.83     )

7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 X FORW: 10.13.6.83

7 7 X 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 X FORW: 10.13.6.83

2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 X FORW: 10.13.6.83

X X 7 X X X X X X X X X X X X X X X X X X X X X X FORW: 10.13.6.83

logmsg: pri 56, flags 8, from t01labax08, msg syslogd: restart

Logging to FORW 10.13.6.83

Logging to FORW 10.13.6.83

syslogd: restarted

readfds = 0x10

got a message (-1, 0x10)

readfds = 0x10

got a message (-1, 0x10)

 

10.13.6.83 is my designated server and its seems it is not getting the forwarded log messages, here is how my syslog.conf for remote logging:

 

source s_tcp {

#       syslog(transport(tcp));

        udp(ip(10.13.6.83) port(514));

        tcp(ip(10.13.6.83) port(5149) max-connections(333));

};

 

destination d_tcp {

        file("/var/log/messages_tcp" owner("root") group("adm") perm(0640));

};

 

I do not see any traffic coming to my client t01labax08 going to my syslog server and /var/log/messages_tcp not even been created. Again what am I missing here? Sorry I’m syslog-ng newbie here….

 

 

 

 

Hi,
replace this line:
source s_network { syslog(transport(tcp))};
with this one(missing semicolon at the end of last bracket):
source s_network { syslog(transport(tcp));};
2010.03.18. 19:29 keltezéssel, Lozada, Agustin T írta: