Hello Balázs,

I would like to migrate our servers from syslog to syslog-ng (we're using SuSE 5.4 to 8.1, some clustered, mostly all Internet). Can you say about the next stable release or better: Should I use 1.4x now and then I can switch over to 1.5x - without greater reconfigurations?

And another question:

source src { pipe("/proc/kmsg"); unix-stream("/dev/log"); internal(); };

Is this source definition enough to leave klogd behind? Is it possible to use "pipe" in this manner for other logs - like those from proftpd? It's not clear to me how to grep a log message in a logfile to a central log-server when the source isn't at /proc or /dev. Will "pipe" as source driver look around the file and, if a new line appears, pipe these new lines?

Regards,
Detlef Pille
NWN-Admin
--
/"\  ASCII Ribbon Campaign
\ /
 X   No HTML in
/ \  email & news

On Thu, Nov 07, 2002 at 03:41:16PM +0100, D. Pille wrote:
> Hello Balázs,
> I would like to migrate our servers from syslog to syslog-ng (we're using SuSE 5.4 to 8.1, some clustered, mostly all Internet). Can you say about the next stable release or better: Should I use 1.4x now and then I can switch over to 1.5x - without greater reconfigurations?

1.5.x is mostly upward compatible, except for the DEFAULT filter that was present in 1.4.x. 1.5.x is quite stable since the last bug (involving an off-by-one I announced a couple of weeks ago) was fixed. I'm planning to release 1.6.0 soon.

> And another question:
> source src { pipe("/proc/kmsg"); unix-stream("/dev/log"); internal(); };
> Is this source definition enough to leave klogd behind?

yet. I prefer using a file() source for /proc/kmsg, but pipe() and file() are mostly the same. you might change kernel logging to avoid getting kernel messages on the console (klogd automatically does this for you, syslog-ng doesn't, you need an explicit dmesg call for that): dmesg -n1 for no logs.

> Is it possible to use "pipe" in this manner for other logs - like those from proftpd? It's not clear to me how to grep a log message in a logfile to a central log-server when the source isn't at /proc or /dev. Will "pipe" as source driver look around the file and, if a new line appears, pipe these new lines?

no, syslog-ng 1.5 doesn't support growing files. syslog-ng 2 does, but it's not yet released ;)

--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
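
What following a growing file involves, as an added example that is not part of this thread and is not syslog-ng code: a Python poller that returns only newly appended complete lines, starts over when the file is truncated or rotated, and wraps each line as an RFC 3164 message ready to send to a central log server. The path, the `proftpd` tag, the host name `web1` and the daemon facility are assumptions.

```python
import os
import time

FACILITY_DAEMON, SEVERITY_INFO = 3, 6   # RFC 3164 codes; facility choice is an assumption


class Follower:
    """Return only the complete lines appended to a file since the last poll."""

    def __init__(self, path):
        self.path = path
        self.inode = None     # changes when the file is rotated (replaced)
        self.offset = 0       # bytes already consumed
        self.partial = b""    # trailing bytes not yet terminated by a newline

    def poll(self):
        try:
            st = os.stat(self.path)
        except FileNotFoundError:
            return []         # file missing mid-rotation: try again next poll
        if st.st_ino != self.inode or st.st_size < self.offset:
            # First poll, rotated file, or truncated file: read from the start.
            self.inode, self.offset, self.partial = st.st_ino, 0, b""
        with open(self.path, "rb") as fh:
            fh.seek(self.offset)
            data = fh.read()
        self.offset += len(data)
        *lines, self.partial = (self.partial + data).split(b"\n")
        return [l.decode("utf-8", "replace") for l in lines if l]


def to_syslog(line, tag, host, now=None):
    """Wrap one log line as an RFC 3164 message: <PRI>Mmm dd hh:mm:ss host tag: msg."""
    t = now or time.localtime()
    stamp = f"{time.strftime('%b', t)} {t.tm_mday:2d} {time.strftime('%H:%M:%S', t)}"
    return f"<{FACILITY_DAEMON * 8 + SEVERITY_INFO}>{stamp} {host} {tag}: {line}"


if __name__ == "__main__":
    # Hypothetical path, tag and host name; print stands in for the network send.
    follower = Follower("/var/log/proftpd.log")
    while True:
        for entry in follower.poll():
            print(to_syslog(entry, "proftpd", "web1"))
        time.sleep(1)
```

A truncation that leaves the file at least as large as the saved offset is not detected by the size check alone, so rotation schemes that copy and truncate can still lose or repeat lines.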
participants (2)
- Balazs Scheidler
- D. Pille