logs are not generated and managed by syslog-ng but it is started properly
Dear All,

I am trying to configure syslog-ng package for managing logs, but there is somewhere something wrong in my configuration such that it is not generating logs.
The file below is quite long.

# vi /usr/local/etc/syslog-ng/syslog-ng.conf

options {
    sync (0);
    time_reopen (10);
    log_fifo_size (1000);
    long_hostnames (on);
    use_fqdn (yes);
    create_dirs (no);
    chain_hostnames(no);
    keep_hostname (yes);
    perm(0644);
    dir_perm(0755);
};

source s_sys { unix-stream ("/dev/log"); internal(); };
source s_udp { udp(); };
source kernel_file { file("/proc/kmsg"); };

destination d_cons { file("/dev/console"); };
destination d_spol { file("/var/log/spooler.log"); };
destination d_mesg { file("/var/log/messages.log"); };
destination d_auth { file("/var/log/secure.log"); };
destination d_uucp { file("/var/log/uucp.log"); };
destination d_boot { file("/var/log/boot.log"); };
destination d_mlal { usertty("*"); };
destination d_kern { file("/var/log/kernel.log"); };
destination numetrace { file("/var/log/numetrace.log"); };
destination nume { file("/var/log/nume.log"); };
destination postgres { file("/var/log/postgres.log"); };
destination php { file("/var/log/local2.log"); };
destination boot { file("/var/log/boot.log"); };
destination cron { file("/var/log/cron.log"); };
destination daemon { file("/var/log/daemon.log"); };
destination ftp { file("/var/log/ftp.log"); };
destination lpr { file("/var/log/lpr.log"); };
destination mail { file("/var/log/maillog"); };
destination news { file("/var/log/news.log"); };
destination syslog { file("/var/log/syslog.log"); };
destination user { file("/var/log/user.log"); };
destination local3 { file("/var/log/local3.log"); };
destination local4 { file("/var/log/local4.log"); };
destination local5 { file("/var/log/local5.log"); };
destination local6 { file("/var/log/local6.log"); };
destination emerg { file("/var/log/emerg.log"); };
destination crit { file("/var/log/crit.log"); };
destination alert { file("/var/log/alert.log"); };
destination err { file("/var/log/err.log"); };
destination warning { file("/var/log/warning.log"); };

filter cons { facility(kern); };
filter spooler { facility(uucp) or (facility(news) and level(crit)); };
filter mesg { level(info, notice, warning, err, crit, alert, emerg) and facility(kern, uucp, news, local3, local4, local5, local6, daemon, ftp, lpr); };
filter auth { facility(authpriv); };
filter emerg { level(emerg); };
filter uucp { facility(uucp); };
filter cron { facility(cron); };
filter kern_debug { facility(kern); };
filter postgres { facility(local0); };
filter nume_trace { facility(local1); };
filter nume { facility(local1) and level(info, notice, warning, err, crit, alert, emerg); };
filter php { facility(local2); };
filter local3 { facility(local3); };
filter local4 { facility(local4); };
filter local5 { facility(local5); };
filter local6 { facility(local6); };
filter boot { facility(local7); };
filter daemon { facility(daemon); };
filter ftp { facility(ftp); };
filter lpr { facility(lpr); };
filter mail { facility(mail); };
filter news { facility(news); };
filter syslog { facility(syslog); };
filter user { facility(user); };
filter warning { level(warning); };
filter crit { level(crit, alert, emerg); };
filter alert { level(alert, emerg); };
filter err { level(err, crit, alert, emerg); };

log { source(s_sys); source(s_udp); filter(cons); destination(d_cons); };
log { source(s_sys); source(s_udp); filter(mesg); destination(d_mesg); };
log { source(s_sys); source(s_udp); filter(auth); destination(d_auth); };
log { source(s_sys); source(s_udp); filter(emerg); destination(d_mlal); };
log { source(s_sys); source(s_udp); filter(uucp); destination(d_uucp); };
log { source(s_sys); source(s_udp); filter(boot); destination(boot); };
log { source(s_sys); source(s_udp); filter(php); destination(php); };
log { source(s_sys); source(s_udp); filter(postgres); destination(postgres); };
log { source(s_sys); source(s_udp); filter(nume_trace); destination(numetrace); };
log { source(s_sys); source(s_udp); filter(nume); destination(nume); };
log { source(s_sys); source(s_udp); source(kernel_file); filter(kern_debug); destination(d_kern); };
log { source(s_sys); source(s_udp); filter(cron); destination(cron); };
log { source(s_sys); source(s_udp); filter(daemon); destination(daemon); };
log { source(s_sys); source(s_udp); filter(ftp); destination(ftp); };
log { source(s_sys); source(s_udp); filter(lpr); destination(lpr); };
log { source(s_sys); source(s_udp); filter(mail); destination(mail); };
log { source(s_sys); source(s_udp); filter(news); destination(news); };
log { source(s_sys); source(s_udp); filter(syslog); destination(syslog); };
log { source(s_sys); source(s_udp); filter(user); destination(user); };
log { source(s_sys); source(s_udp); filter(local3); destination(local3); };
log { source(s_sys); source(s_udp); filter(local4); destination(local4); };
log { source(s_sys); source(s_udp); filter(local5); destination(local5); };
log { source(s_sys); source(s_udp); filter(local6); destination(local6); };
log { source(s_sys); source(s_udp); filter(spooler); destination(d_spol); };
log { source(s_sys); source(s_udp); filter(emerg); destination(emerg); };
log { source(s_sys); source(s_udp); filter(crit); destination(crit); };
log { source(s_sys); source(s_udp); filter(alert); destination(alert); };
log { source(s_sys); source(s_udp); filter(err); destination(err); };
log { source(s_sys); source(s_udp); filter(warning); destination(warning); };

filter ext_filter { level(warning) or level(err) or level(alert) or level(crit) or level(emerg) or facility(authpriv); };
log { source(s_sys); source(s_udp); source(kernel_file); filter(ext_filter); };

Any guess why it is not managing logs? No new logs have been added to the log directory, as /var/log/messages doesn't contain any new message after I configured syslog-ng, but if I restart my syslog (the default that comes with redhat) it will start adding new logs to /var/log/messages.
-jack
On Wed, Mar 09, 2005 at 01:43:55AM -0800, jack alex wrote:
> I am trying to configure syslog-ng package for managing logs, but there is somewhere something wrong in my configuration such that it is not generating logs.
> The file below is quite long.
>
> <SNIP>
>
> Any guess why it is not managing logs? No new logs have been added to the log directory, as /var/log/messages doesn't contain any new message after I configured syslog-ng, but if I restart my syslog (the default that comes with redhat) it will start adding new logs to /var/log/messages.
Your config file is syntactically correct (syslog-ng -s), and I don't see anything wrong at a glance. I suppose I'd make sure it's running (as root since /var/log has strict file perms by default). Maybe there's some problem making it exit, so keep it in the foreground in debugging when you start it and see what you get:

# syslog-ng -d -v

-- 
Nate

". . . a classic - something that everybody wants to have read and nobody wants to read." - speech (1900) - Samuel Clemens
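Added example, not part of either poster's message: a Python check that parses syslog-ng statements and reports which files the destinations write, log statements with no destination, and destinations no log statement uses. It runs on a constructed excerpt of the configuration posted above, where d_mesg writes /var/log/messages.log while the file being watched is /var/log/messages; the names parse, audit and expected_file are hypothetical.

```python
import re

# Constructed excerpt with the same statement shapes as the posted configuration.
SAMPLE_CONF = '''
source s_sys { unix-stream ("/dev/log"); internal(); };
source s_udp { udp(); };
destination d_mesg { file("/var/log/messages.log"); };
destination d_boot { file("/var/log/boot.log"); };
filter mesg { level(info, notice) and facility(kern, daemon); };
filter ext_filter { level(warning) or facility(authpriv); };
log { source(s_sys); source(s_udp); filter(mesg); destination(d_mesg); };
log { source(s_sys); source(s_udp); filter(ext_filter); };
'''

# Top-level statement: keyword, optional name, body up to the closing "};".
STMT = re.compile(r'\b(source|destination|filter|log)\s*(\w*)\s*\{(.*?)\}\s*;', re.S)

def parse(conf):
    """Return ({destination: [file paths]}, [refs of each log statement])."""
    conf = re.sub(r'(?m)^\s*#.*$', '', conf)   # drop whole-line comments
    dests, logs = {}, []
    for kind, name, body in STMT.findall(conf):
        if kind == 'destination':
            dests[name] = re.findall(r'\bfile\s*\(\s*"([^"]+)"', body)
        elif kind == 'log':
            logs.append({k: re.findall(r'\b' + k + r'\s*\(\s*(\w+)\s*\)', body)
                         for k in ('source', 'filter', 'destination')})
    return dests, logs

def audit(conf, expected_file):
    """Hypothetical helper: why a running daemon leaves expected_file untouched."""
    dests, logs = parse(conf)
    findings = []
    written = {p for paths in dests.values() for p in paths}
    if expected_file not in written:
        near = sorted(p for p in written if p.startswith(expected_file))
        findings.append(('not-a-destination', expected_file, near))
    for i, entry in enumerate(logs, 1):
        if not entry['destination']:
            findings.append(('log-without-destination', i, entry['filter']))
        findings += [('undefined-destination', i, d)
                     for d in entry['destination'] if d not in dests]
    used = {d for entry in logs for d in entry['destination']}
    findings += [('unused-destination', d, dests[d]) for d in sorted(set(dests) - used)]
    return findings

if __name__ == '__main__':
    for finding in audit(SAMPLE_CONF, '/var/log/messages'):
        print(finding)
```

To check a real file, pass its contents: audit(open(path).read(), '/var/log/messages').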