Having trouble with syslog-ng not continuously pushing logs out a port
I am trying to use syslog-ng to monitor some files and push anything added to the file out to a splunk instance. Every time syslog-ng starts, there is a burst of traffic, but nothing after that. I've run it manually in debug mode to see if there is anything, but I don't get any output. I'm thinking there is an issue with the config file, but I'm not sure what the problem might be. I took the stock config file (as it comes from Ubuntu 10.04.2: syslog-ng 2.0.9-4.2) and added several sources, filters and log directives all going to one destination:

    # Additional sources to monitor IW
    destination d_remote { tcp("10.170.230.60" , port(4957)); };

    source s_nginx_20 { file ("/iw-deploy/log/access-client-internal.log" log-prefix("access-client-internal: ")); };
    source s_nginx_21 { file ("/iw-deploy/log/access-client.log" log-prefix("access-client: ")); };
    source s_nginx_22 { file ("/iw-deploy/log/access-server.log" log-prefix("access-client-server: ")); };
    source s_nginx_23 { file ("/iw-deploy/log/celeryd.log" log-prefix("celeryd: ")); };
    source s_nginx_24 { file ("/iw-deploy/log/error.log" log-prefix("error-log: ")); };
    source s_nginx_25 { file ("/iw-deploy/log/installer.log" log-prefix("installer: ")); };
    source s_nginx_26 { file ("/iw-deploy/log/island_gen.log" log-prefix("island_gen: ")); };
    source s_nginx_27 { file ("/iw-deploy/log/persistence.log" log-prefix("persistence: ")); };
    source s_nginx_28 { file ("/iw-deploy/log/sec.log" log-prefix("sec: ")); };
    source s_nginx_29 { file ("/iw-deploy/log/worship1.log" log-prefix("worship1: ")); };
    source s_nginx_30 { file ("/iw-deploy/log/worship2.log" log-prefix("worship2: ")); };
    source s_nginx_31 { file ("/iw-deploy/log/worship_ff1.log" log-prefix("worship_ff1: ")); };
    source s_nginx_32 { file ("/iw-deploy/log/worship_router.log" log-prefix("worship_router: ")); };
    source s_nginx_33 { file ("/iw-deploy/log/persistence.err" log-prefix("persistence_err: ")); };

    filter f_nginx_20 { match("access-client-internal: "); };
    filter f_nginx_21 { match("access-client: "); };
    filter f_nginx_22 { match("access-client-server: "); };
    filter f_nginx_23 { match("celeryd: "); };
    filter f_nginx_24 { match("error-log: "); };
    filter f_nginx_25 { match("installer: "); };
    filter f_nginx_26 { match("island_gen: "); };
    filter f_nginx_27 { match("persistence: "); };
    filter f_nginx_28 { match("sec: "); };
    filter f_nginx_29 { match("worship1: "); };
    filter f_nginx_30 { match("worship2: "); };
    filter f_nginx_31 { match("worship_ff1: "); };
    filter f_nginx_32 { match("worship_router: "); };
    filter f_nginx_33 { match("persistence_err: "); };

    log { source(s_nginx_20); filter(f_nginx_20); destination(d_remote); flags(catchall); };
    log { source(s_nginx_21); filter(f_nginx_21); destination(d_remote); flags(catchall); };
    log { source(s_nginx_22); filter(f_nginx_22); destination(d_remote); flags(catchall); };
    log { source(s_nginx_23); filter(f_nginx_23); destination(d_remote); flags(catchall); };
    log { source(s_nginx_24); filter(f_nginx_24); destination(d_remote); flags(catchall); };
    log { source(s_nginx_25); filter(f_nginx_25); destination(d_remote); flags(catchall); };
    log { source(s_nginx_26); filter(f_nginx_26); destination(d_remote); flags(catchall); };
    log { source(s_nginx_27); filter(f_nginx_27); destination(d_remote); flags(catchall); };
    log { source(s_nginx_28); filter(f_nginx_28); destination(d_remote); flags(catchall); };
    log { source(s_nginx_29); filter(f_nginx_29); destination(d_remote); flags(catchall); };
    log { source(s_nginx_30); filter(f_nginx_30); destination(d_remote); flags(catchall); };
    log { source(s_nginx_31); filter(f_nginx_31); destination(d_remote); flags(catchall); };
    log { source(s_nginx_32); filter(f_nginx_32); destination(d_remote); flags(catchall); };
    log { source(s_nginx_33); filter(f_nginx_33); destination(d_remote); flags(catchall); };
    ######

Hi,

On Fri, Jun 10, 2011 at 9:20 PM, Mike Gracy <mike@idle-games.com> wrote:

> I am trying to use syslog-ng to monitor some files and push anything added to the file out to a splunk instance. Every time syslog-ng starts, there is a burst of traffic, but nothing after that. I've run it manually in debug mode to see if there is anything, but I don't get any output. I'm thinking there is an issue with the config file, but I'm not sure what the problem might be. I took the stock config file (as it comes from Ubuntu 10.04.2: syslog-ng 2.0.9-4.2) and added several sources, filters and log directives all going to one destination:

You need the follow_freq() option; in syslog-ng 2.x it isn't enabled by default for file sources. BTW, 2.0.9 is quite an old and no longer supported version.

Regards,
Sandor
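
A small check for the problem diagnosed in the reply above, added here as an example and not part of the original thread or of syslog-ng itself: it lists file() sources in a 2.x-style config that carry no follow_freq(), which are the ones that stop forwarding after the first read. The function name, the regexes and the sample config are constructed for illustration; treating a non-positive value as "not followed" is an assumption.

```python
import re

# Constructed sample in syslog-ng 2.x syntax. The first source is written the
# way the post has it; the second adds follow_freq(1) as the reply suggests.
SAMPLE_CONFIG = '''
# Additional sources to monitor
source s_nginx_28 { file ("/iw-deploy/log/sec.log" log-prefix("sec: ")); };
source s_nginx_24 { file ("/iw-deploy/log/error.log" follow_freq(1) log-prefix("error-log: ")); };
source s_local { unix-stream("/dev/log"); internal(); };
log { source(s_nginx_28); destination(d_remote); };
'''

# "source <name> { ... };" blocks; "source(<name>)" inside log{} does not match.
SOURCE_RE = re.compile(r'\bsource\s+(\S+)\s*\{(.*?)\}\s*;', re.S)
# One driver statement, ending at a ';' that is outside double quotes.
STATEMENT_RE = re.compile(r'((?:[^;"]|"[^"]*")+);')
FILE_RE = re.compile(r'\bfile\s*\(\s*"([^"]+)"')
FOLLOW_RE = re.compile(r'\bfollow[_-]freq\s*\(\s*(-?\d+(?:\.\d+)?)\s*\)')


def unfollowed_file_sources(config_text):
    """Return (source_name, path) for each file() driver without follow_freq()."""
    text = re.sub(r'(?m)^\s*#.*$', '', config_text)  # drop whole-line comments
    findings = []
    for name, body in SOURCE_RE.findall(text):
        for stmt in STATEMENT_RE.findall(body):
            path = FILE_RE.search(stmt)
            if path is None:
                continue  # not a file() driver (unix-stream, internal, ...)
            follow = FOLLOW_RE.search(stmt)
            # Assumption: a missing or non-positive interval means the file
            # is not re-checked for new lines.
            if follow is None or float(follow.group(1)) <= 0:
                findings.append((name, path.group(1)))
    return findings


if __name__ == "__main__":
    for name, path in unfollowed_file_sources(SAMPLE_CONFIG):
        print(f"{name}: file(\"{path}\") has no follow_freq(); "
              "new lines will not be forwarded")
```

Running it against the real configuration file before a restart shows which monitored logs would go quiet at the receiving end.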
participants (2): Mike Gracy, Sandor Geller