Using logger with syslog-ng
Hi all, I am new syslog-ng user. I am trying to figure out how to get a loghost going and taking baby steps with the documentation available :-) I got syslog-ng configured on a Linux server as such: source s_test { tcp(ip(0.0.0.0) port(514)); }; destination d_test { file("/var/log/test.log"); }; log { source(s_test); destination(d_test); }; I can connect to localhost on 514 fine: telnet localhost 514 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. So it appears that syslog-ng is at least running fine. I would like to use logger to send a test log message to syslog-ng. I googled and looked at the FAQ and docs but cannot find a way. Can anyone help or point me to a relevant document I could read? :-) Thanks!
On Tue, Dec 14, 2004 at 12:08:15PM -0800, Vaibhav Goel wrote:
I am new syslog-ng user. I am trying to figure out how to get a loghost going and taking baby steps with the documentation available :-)
I got syslog-ng configured on a Linux server as such:
source s_test { tcp(ip(0.0.0.0) port(514)); };
logger uses the standard Unix syslog library to send its messages. That library doesn't know how to send messages via TCP. Also, you didn't mention what OS you were running, chances are close to 100% that your OS libraries by default send syslog messages via a local IPC method like a Unix domain socket. You'll need to tell syslog-ng to listen for packets coming in on that method. It would be nice if we had a version of logger where you could specify the transport method - it would be good for testing syslog-ng when you're setting up centralized servers. Patches anyone?
Hi Ed, Thanks for your prompt reply. It is as I suspected....I won't be able to use logger to test. I am running RedHat Linux. Please note that syslogd and syslog-ng need to co-exist on the source as well as the loghost. I see in the FAQ that this is possible. Should I get syslog-ng to listen on the UDP port 514 meant for syslogd? Is there any quick way I can test this setup? Thanks, Vaibhav Goel On Tue, 2004-12-14 at 12:25, Ed Ravin wrote:
On Tue, Dec 14, 2004 at 12:08:15PM -0800, Vaibhav Goel wrote:
I am new syslog-ng user. I am trying to figure out how to get a loghost going and taking baby steps with the documentation available :-)
I got syslog-ng configured on a Linux server as such:
source s_test { tcp(ip(0.0.0.0) port(514)); };
logger uses the standard Unix syslog library to send its messages. That library doesn't know how to send messages via TCP. Also, you didn't mention what OS you were running, chances are close to 100% that your OS libraries by default send syslog messages via a local IPC method like a Unix domain socket. You'll need to tell syslog-ng to listen for packets coming in on that method.
It would be nice if we had a version of logger where you could specify the transport method - it would be good for testing syslog-ng when you're setting up centralized servers. Patches anyone? _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
On Tue, Dec 14, 2004 at 12:35:41PM -0800, Vaibhav Goel wrote:
Thanks for your prompt reply. It is as I suspected....I won't be able to use logger to test.
I am running RedHat Linux. Please note that syslogd and syslog-ng need to co-exist on the source as well as the loghost. I see in the FAQ that this is possible. Should I get syslog-ng to listen on the UDP port 514 meant for syslogd? Is there any quick way I can test this setup?
If you tell syslog-ng to listen to the UDP port, then you can write a Perl script using the Sys::Syslog module (which comes with Perl 5 and later) to do your testing. If you already know some Perl, that should be pretty quick.
participants (2)
-
Ed Ravin
-
Vaibhav Goel