David, I guess you dont need this badly enough to hack it yourself :-) But if anyone is interested in adding this functionality for a patch, start here-- main.c main_loop() for the config file parsing debug output. center.c do_distribute_log() for the core of the filter matching. Also, do_distribute_log() could benefit from some sort of accelerated matching to (possibly) improve performance in heavy-filtering configurations, at the moment it's O(n) n~= number of rules.

Let me say first that this is a fantastic piece of software - I'm starting to implement it in our UNIX environment. It's almost TOO powerful :-) But that is a Good Thing.

I don't THINK this is in the current sources, but anyway....

I'd like to have some serious debugging available in the logs ... for example, right now we get:

syslog-ng[99]: Syntax error reading config file, using old configuration

...and this is all you know. To actually find out the error, you have to run syslog-ng from the command line. Then testing gets complicated as you attempt to restart the active syslog-ng while finding out what the syntax errors are by running it at the command line. Wouldn't be better to do the following:

syslog-ng[99]: Syntax error in configuration file /etc/syslog-ng.conf at line 45 syslog-ng[99]: Retaining old configuration

Also, messages like these would be nice for debugging purposes:

syslog-ng[99]: Message from source(src) received: level auth.info syslog-ng[99]: Log #1: filter not matched syslog-ng[99]: Log #2: filter not matched syslog-ng[99]: Log #3: filter not matched syslog-ng[99]: Log #4: filter f_authonly matched syslog-ng[99]: Log #4: log used syslog-ng[99]: Log #5: filter not matched syslog-ng[99]: Log #6: source not matched

...and so on.

It would even be nice to be able to send a SIGINT or a SIGUSR1 or a SIGUSR2 to the running syslog to manipulate the debugging messages similar to BIND.

_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng