I am running SUSE 9.1 and I have syslog-ng logging information from our PIX. After a rotate is done the file is compressed and rotated but syslog-ng keeps logging to the compressed file instead of the newly created file. Any help would be greatly appreciated. Here are my conifgs. If you need anymore information I will gladly send it. /etc/logrotate.d/syslog /var/log/pix/voclog { rotate 4 daily compress delaycompress postrotate # kill -HUP `cat /var/run/syslog-ng.pid` # /bin/kill -HUP `cat /var/run/syslog-ng.pid 2> /dev/null` 2> /dev/null ||true /etc/init.d/syslog reload /etc/init.d/apache2 reload endscript } /etc/syslog-ng/syslog-ng.conf source src { # # include internal syslog-ng messages # note: the internal() soure is required! # unix-stream("/dev/log"); internal(); tcp(); udp(); # # the following line will be replaced by the # socket list generated by SuSEconfig using # variables from /etc/sysconfig/syslog: # #@SuSEconfig_SOCKETS@ # # # uncomment to process log messages from network: # #udp(ip("0.0.0.0") port(514)); }; # # filter definitions # filter voclog { facility(local5); }; filter vpnlog { facility(local7); }; destination voclog { file("/var/log/pix/voclog"); }; log { source(src); filter(voclog); destination(voclog); }; destination vpnlog { file("/var/log/vpnlog"); }; log { source(src); filter(vpnlog); destination(vpnlog); }; Keith Rechtorik Network Administrator Information Systems and Technology krechtorik@vocollect.com * CONFIDENTIAL, PRIVILEGED COMMUNICATION * This e-mail transmission is private and intended for the addressee(s) only. It may contain information that is privileged and/or confidential. If you have received this transmission in error, you are not authorized to read, copy, disclose or disseminate it in any manner. If you have received it in error, please delete it and all copies (including backup copies) that have been made, and transmit a reply message informing the sender that it was misdirected.