Hi kokan,
Thanks for your quick response.
Will test the same and get back..

Regards
Venkat


On Sat 29 Sep, 2018, 15:34 Péter, Kókai, <peter.kokai@oneidentity.com> wrote:
Hello,

Sorry to keep you hanging there. You could use *template* to get any kind of format you want, but for syslog there is also a flags option. Simply udo6( ... flags(syslog-protocol)); should be the same as syslog(...);


--
Kokan

On Sat, Sep 29, 2018 at 3:16 AM venkateswarlu vinjamuri <venkates.vin@gmail.com> wrote:
HI Kokan,
Could you please let me the info for my previous email? 


Regards,
V/

On Fri, Sep 28, 2018 at 3:13 PM venkateswarlu vinjamuri <venkates.vin@gmail.com> wrote:
Thanks for your reply,

For non RFC-5424 format, IPV6 config is as below and is working fine, with syslog-ng-3.3.7 version 
destination df_remote_0 {udp6("::1");};
Hence we tried with the below config for RFC-5424 with IPV6:
destination df_remote_0 {syslog("::1" transport("udp6"));}; and you mentioned there is no such protocol, which I agree with you.

To let you know that, we have installed latest version of syslog-ng and the configuration mentioned by you as below is working.
destination df_remote_0 {syslog(":1" transport("udp") ip-protocol(6));};
But this same config is not working in syslog-ng-3.3.7 verision with RFC-5424.format and IPV6.

My question is :
In syslog-ng-3.3.7 version, does RFC-5424 format supported with IPV6 ?
If so could you please share the config ?

Please share you inputs for the version syslog-ng-3.3.7.?

Thanks & Regards,
V/

On Thu, Sep 27, 2018 at 9:35 PM Péter, Kókai <peter.kokai@oneidentity.com> wrote:
Hello,

I do not really have 3.3.7 version at my hand, so I did not really dig in if that version supports or not. Well it seems it is from v3.4.1, for this option you have to update at least to that.

I do not see a reason why won't it work, and you could use stuff like system() source.

--
Kokan

On Thu, Sep 27, 2018 at 5:44 PM venkateswarlu vinjamuri <venkates.vin@gmail.com> wrote:
Thanks kokan for your reply,

I am getting the below error after making the change as you suggested
destination df_remote_0 {syslog("::1" transport("udp") ip-protocol(6));};

Error:
=====
Error parsing afsocket, inner-dest plugin ip-protocol not found in /etc/syslog-ng/syslog-ng.conf at line 45, column 78:
destination df_remote_0 {syslog(":1" transport("udp") ip-protocol(6));};
                                                                             ^^^^^^^^^^^
Please suggest.

Regards,
V/

On Thu, Sep 27, 2018 at 7:56 PM Péter, Kókai <peter.kokai@oneidentity.com> wrote:
Hello,

The error message lists the correct transport methods: *please use one of udp, tcp, or tls;* 
There is no such option udp6, you could use specify ipv6 via ip-protocol(4/6)

All together syslog("::1" transport("udp") ip-protocol(6)); should work.

--
Kokan

On Thu, Sep 27, 2018 at 4:09 PM venkateswarlu vinjamuri <venkates.vin@gmail.com> wrote:
Hi,

issue: syslog-ng is not starting if we configure IPV6 IP along with RFC-5424 format
Using below command to run syslog-ng:
/sbin/syslog-ng -f /etc/syslog-ng/syslog-ng.conf -R /var/syslog-ng.persist -p /var/syslog-ng.pid

Getting the below error:
------------------------------
syslog-ng: Error changing to 
Unknown syslog transport specified, please use one of udp, tcp, or tls; transport='udp6', id='df_remote_0#0'

Could anyone please let me know what should be the configuration in syslog-ng.conf for IPV6 syslog-ng server IP with RFC-5424 format.

we are using syslog-ng-3.3.7 version.

If the below configuration is correct, will it work if we upgrade to newer version with the below configuration?

I am using the below configuration in syslog-ng.conf:
========================================
options {
  stats_freq (0);
  flush_lines (0);
  time_reopen (10);
  log_fifo_size (10000);
  chain_hostnames (off);
  use_dns (no);
  create_dirs (no);
  keep_hostname (no);
  perm(0640);
  group("root");
};


# sources
source s_all {
 internal(); 
unix-stream("/dev/log"); 
file("/proc/kmsg" program_override("kernel: "));
 };


filter f_remote { facility(local7); };
destination df_remote_0 {syslog("xxxx:xxxx:xxxx:xxxx:xxxx" transport("udp6"));};
log { source(s_all); filter(f_remote); destination(df_remote_0

Please help if there is any issue in the above configuration?

Regards,
V/
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq

______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq

______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq

______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq

______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq

______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq