Hello,

I am having problems getting syslog-ng to work with the iptables logging facility under Linux.

The iptables rules allow logging and it works fine with the standard klogd/syslogd loggers with RedHat 7.1. I believe that the default kernel messages use kern.warn as the facility.priority.

When I replace syslogd with syslog-ng (and keep using the default klogd) I no longer receive any of the kernel messages.

I have tried both of the following filter lines:

filter f_warn { level(warn); };

and

filter f_kern { facility(kern); };

I can get all of the other logging to work, I am only having problems with the kernel messages. Has anyone else had this problem?

Thanks,
Ken

On Sun, May 13, 2001 at 10:53:08PM -0400, Ken Armstrong wrote:
> Hello,
> I am having problems getting syslog-ng to work with the iptables logging facility under linux.
> The iptables rules allow logging and it works fine with the standard klogd/syslogd loggers with RedHat 7.1. I believe that the default kernel messages use kern.warn as the facility.priority.
> When I replace syslogd with syslog-ng (and keep using the default klogd) I no longer receive any of the kernel messages.

RedHat uses unix-dgram instead of unix-stream for incoming messages, so change your local source accordingly.

--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1

Thanks - That solved the problem.

Ken

-----Original Message-----
From: syslog-ng-admin@lists.balabit.hu [mailto:syslog-ng-admin@lists.balabit.hu] On Behalf Of Balazs Scheidler
Sent: May 14, 2001 4:13 AM
To: syslog-ng@lists.balabit.hu
Subject: Re: [syslog-ng]Syslog-ng and Linux iptables

On Sun, May 13, 2001 at 10:53:08PM -0400, Ken Armstrong wrote:
> Hello,
> I am having problems getting syslog-ng to work with the iptables logging facility under linux.
> The iptables rules allow logging and it works fine with the standard klogd/syslogd loggers with RedHat 7.1. I believe that the default kernel messages use kern.warn as the facility.priority.
> When I replace syslogd with syslog-ng (and keep using the default klogd) I no longer receive any of the kernel messages.

RedHat uses unix-dgram instead of unix-stream for incoming messages, so change your local source accordingly.

--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
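
Added example (not part of the thread, and not syslog-ng or klogd code): why a listener opened as unix-stream never receives anything from a sender that uses a datagram socket, which is the mismatch the reply above describes. The temporary socket path (a stand-in for /dev/log), the function names and the sample iptables line are constructed for illustration, and the datagram sender is an assumption standing in for the RedHat logging client.

```python
import errno
import os
import socket
import tempfile

KIND = {"unix-stream": socket.SOCK_STREAM, "unix-dgram": socket.SOCK_DGRAM}
# Constructed sample: an iptables LOG line carrying the <4> (kern.warn) priority prefix.
SAMPLE = b"<4>kernel: IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP DPT=22"

def decode_pri(msg):
    """Split the <PRI> prefix into (facility, level); kern is 0, warn is 4."""
    pri = int(msg[1:msg.index(b">")])
    return pri >> 3, pri & 7

def deliver(listener_kind, sender_kind="unix-dgram"):
    """Bind a listener of one socket type and send SAMPLE from another.
    Returns the bytes received, or the errno name if the sender cannot connect."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "log")  # hypothetical stand-in for /dev/log
        srv = socket.socket(socket.AF_UNIX, KIND[listener_kind])
        cli = socket.socket(socket.AF_UNIX, KIND[sender_kind])
        try:
            srv.bind(path)
            if listener_kind == "unix-stream":
                srv.listen(1)
            srv.settimeout(2)
            try:
                cli.connect(path)
            except OSError as exc:
                # Socket type mismatch: the message is lost before it is ever sent.
                return errno.errorcode[exc.errno]
            cli.send(SAMPLE)
            if listener_kind == "unix-stream":
                conn, _ = srv.accept()
                with conn:
                    return conn.recv(1024)
            return srv.recv(1024)
        finally:
            cli.close()
            srv.close()

if __name__ == "__main__":
    print("priority decodes to (facility, level):", decode_pri(SAMPLE))
    for kind in KIND:
        print(f"listener {kind:11} <- datagram sender:", deliver(kind))
```

On the syslog-ng side the corresponding change is the one the reply names: the local source uses unix-dgram("/dev/log") rather than unix-stream("/dev/log"), after which the facility(kern) filter has messages to match.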