Hi everyone,

I compiled version 3.3.3 and tried getting a client and server to talk based on the documentation on the balabit site, specifically the documentation for OSE version 3.3.

The server config file:

source remotelogs { syslog( port(2072) transport(tcp) ); } ;

destination r_log { file("/var/log/remotelogs/all"); };

log{ source(remotelogs); destination(r_log); } ;

And the client sending:

# remote logging test log

@version: 3.3

source s_kern { file("/proc/kmsg"); };

source s_local { unix-stream("/dev/log"); internal(); };

destination d_file {file("/var/log/messages"); };

destination d_secure { file("/var/log/secure");};

# set the filters

filter f_messages { not facility(auth, authpriv);};

filter f_authpriv { facility(auth, authpriv); };

destination loghost { tcp(10.195.105.214 port(2072) ); };

log { source(s_kern) ; source(s_local) ; filter(f_messages) ; destination(loghost) ; } ;

There are some other log directives there for local files, I'll post them if people want to see them

So when this runs, I get on the server:

Dec 7 11:18:05 xxxxxxxxxx syslog-ng[4188]: Syslog connection closed; fd='21', client='AF_INET(10.203.54.9:54837)', local='AF_INET(0.0.0.0:2072)'

And the client:

Dec 7 11:19:04 xxxxxxxxxxxx syslog-ng[1735]: Syslog connection established; fd='20', server='AF_INET(10.195.105.214:2072)', local='AF_INET(0.0.0.0:0)'

I read the email thread from 2009, and tried the vanilla configs - any ideas?

Thanks,

Jan