Hi,

I have just installed syslog-ng on Redhat enterprise 4.

I am using it as remote logging server for a syslog-ng client.

Here is my remote logging configuration:

 

source s_remote {

        tcp(ip(0.0.0.0) port(514));

        udp(ip(0.0.0.0) port(514));

};

 

destination d_separatedbyhosts {

        file("/var/log/syslog-ng/$HOST/messages" owner("root") group("root") perm(0640) dir_perm(0750) create_dirs(yes));

};

 

log { source(s_remote); destination(d_separatedbyhosts); };

 

I am getting the following error message in  /var/log/syslog-ng.log on the same machine using tail

 

"cannot open file /var/log/syslog-ng/host1messages for writing (Permission denied)"

 

I have tried to create the file myself and give it 777 permission along with all the directories /var, /var/log, /var/log/syslog-ng

 

If you notice here,

1-       syslog-ng is writing error messages from the same machine to /var/log/syslog-ng which means syslog-ng is working well for local logging on the same machine ( I have stopped syslogd).

2-       The error has a file name "host1messages" while in the configuration file it is "/$HOST/messages"

3-       I am accessing the syslog-ng server using remote SSH from windows using putty client. When I open the /var/log/syslog-ng.log file using "vi" I got a strange character instead of "/" in the previous error message between "host1" and "messages". While - as you have seen above - using tail I do not get any character neither / nor the strange one in the syslog-ng file.

 

Kind regards