hi, the machine is Linux 2.4.25 on i686, debian woody. it's a log-host for about 30 other machines also. 1st: please confirm how do I log kernel messages (assuming klogd is NOT running): with this: source ksrc { file("/proc/kmsg"); }; or this: source ksrc { pipe("/proc/kmsg"); }; 2nd: the machine "hangs" from time to time - cron is hanging, login is not spawning shell, sshd too. i have pinpointed it so i'm pretty sure that all those processes hang on socket connection to /dev/log. killing syslog-ng cures that. what can I do? thanks in advance, P PS. my config: options { long_hostnames(off); sync(0)}; source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); }; source net { udp(); }; filter f_auth { facility(auth, authpriv) and not match("cron"); }; filter f_NOauth { not facility(auth, authpriv); }; filter f_cron { facility(cron) or match("cron"); }; filter f_NOcron { not facility(cron) and not match("cron"); }; filter f_daemon { facility(daemon); }; filter f_kern { facility(kern); }; filter f_lpr { facility(lpr); }; filter f_mailnews { facility(mail, news); }; filter f_user { facility(user); }; filter f_uucp { facility(uucp); }; filter p_debug { level(debug); }; filter p_info { level(info); }; filter p_notice { level(notice); }; filter p_warn { level(warn); }; filter p_err { level(err); }; filter p_crit { level(crit); }; filter p_alert { level(alert); }; filter p_emergency { level(emerg); }; filter f_all { level(debug..emerg); }; filter f_iptables { facility(kern) and match("IN=[A-Za-z0-9]* OUT=[A-Za-z0-9]*"); }; filter f_NOiptables { not match("IN=[A-Za-z0-9]* OUT=[A-Za-z0-9]*"); }; filter f_named { level(debug..emerg) and match("named"); }; filter f_NOnamed { not match("named"); }; filter f_dhcpd { level(debug..emerg) and match("dhcpd"); }; filter f_NOdhcpd { not match("dhcpd"); }; destination authlog { file("/var/log/syslog/auth.log"); }; destination cron { file("/var/log/syslog/cron.log"); }; destination syslog { file("/var/log/syslog/syslog.log"); }; destination iptables { file("/var/log/syslog/iptables.log"); }; destination named { file("/var/log/syslog/named.log"); }; destination dhcpd { file("/var/log/syslog/dhcpd.log"); }; destination tty11 { file("/dev/tty11"); }; destination tty12 { file("/dev/tty12"); }; log { source(src); filter(f_auth); destination(authlog); }; log { source(src); filter(f_auth); destination(tty11); }; log { source(src); filter(f_cron); destination(cron); }; log { source(src); filter(f_all); filter(f_NOcron); filter(f_NOauth); filter(f_NOiptables); filter(f_NOnamed); filter(f_NOdhcpd); destination(syslog); }; log { source(src); filter(f_all); filter(f_NOcron); filter(f_NOauth); filter(f_NOiptables); filter(f_NOnamed); filter(f_NOdhcpd); destination(tty12); }; log { source(src); filter(f_iptables); destination(iptables); }; log { source(src); filter(f_named); destination(named); }; log { source(src); filter(f_dhcpd); destination(dhcpd); }; filter f_pix { host("pix"); }; destination pix { file("/var/log/syslog/pix.log"); }; log { source(net); filter(f_pix); destination(pix); }; filter f_lit { host("lit"); }; destination lit { file("/var/log/syslog/lit.log"); }; log { source(net); filter(f_lit); destination(lit); }; filter f_beryl { host("beryl"); }; destination beryl { file("/var/log/syslog/beryl.log"); }; log { source(net); filter(f_beryl); destination(beryl); }; filter f_bor { host("bor"); }; destination bor { file("/var/log/syslog/bor.log"); }; log { source(net); filter(f_bor); destination(bor); }; filter f_wegiel { host("wegiel"); }; destination wegiel { file("/var/log/syslog/wegiel.log"); }; log { source(net); filter(f_wegiel); destination(wegiel); }; filter f_azot { host("azot"); }; destination azot { file("/var/log/syslog/azot.log"); }; log { source(net); filter(f_azot); destination(azot); }; filter f_tlen { host("tlen"); }; destination tlen { file("/var/log/syslog/tlen.log"); }; log { source(net); filter(f_tlen); destination(tlen); }; filter f_fluor { host("fluor"); }; destination fluor { file("/var/log/syslog/fluor.log"); }; log { source(net); filter(f_fluor); destination(fluor); }; filter f_neon { host("neon"); }; destination neon { file("/var/log/syslog/neon.log"); }; log { source(net); filter(f_neon); destination(neon); }; filter f_hel { host("hel"); }; destination hel { file("/var/log/syslog/hel.log"); }; log { source(net); filter(f_hel); destination(hel); }; filter f_sod { host("sod"); }; destination sod { file("/var/log/syslog/sod.log"); }; log { source(net); filter(f_sod); destination(sod); }; filter f_magnez { host("magnez"); }; destination magnez { file("/var/log/syslog/magnez.log"); }; log { source(net); filter(f_magnez); destination(magnez); }; filter f_glin { host("glin"); }; destination glin { file("/var/log/syslog/glin.log"); }; log { source(net); filter(f_glin); destination(glin); }; filter f_krzem { host("krzem"); }; destination krzem { file("/var/log/syslog/krzem.log"); }; log { source(net); filter(f_krzem); destination(krzem); }; filter f_fosfor { host("fosfor"); }; destination fosfor { file("/var/log/syslog/fosfor.log"); }; log { source(net); filter(f_fosfor); destination(fosfor); }; filter f_siarka { host("siarka"); }; destination siarka { file("/var/log/syslog/siarka.log"); }; log { source(net); filter(f_siarka); destination(siarka); }; filter f_chlor { host("chlor"); }; destination chlor { file("/var/log/syslog/chlor.log"); }; log { source(net); filter(f_chlor); destination(chlor); }; filter f_argon { host("argon"); }; destination argon { file("/var/log/syslog/argon.log"); }; log { source(net); filter(f_argon); destination(argon); }; filter f_potas { host("potas"); }; destination potas { file("/var/log/syslog/potas.log"); }; log { source(net); filter(f_potas); destination(potas); }; filter f_wapn { host("wapn"); }; destination wapn { file("/var/log/syslog/wapn.log"); }; log { source(net); filter(f_wapn); destination(wapn); }; filter f_gal { host("gal"); }; destination gal { file("/var/log/syslog/gal.log"); }; log { source(net); filter(f_gal); destination(gal); }; filter f_german { host("german"); }; destination german { file("/var/log/syslog/german.log"); }; log { source(net); filter(f_german); destination(german); }; filter f_arsen { host("arsen"); }; destination arsen { file("/var/log/syslog/arsen.log"); }; log { source(net); filter(f_arsen); destination(arsen); }; filter f_selen { host("selen"); }; destination selen { file("/var/log/syslog/selen.log"); }; log { source(net); filter(f_selen); destination(selen); }; filter f_brom { host("brom"); }; destination brom { file("/var/log/syslog/brom.log"); }; log { source(net); filter(f_brom); destination(brom); }; filter f_krypton { host("krypton"); }; destination krypton { file("/var/log/syslog/krypton.log"); }; log { source(net); filter(f_krypton); destination(krypton); }; filter f_rubid { host("rubid"); }; destination rubid { file("/var/log/syslog/rubid.log"); }; log { source(net); filter(f_rubid); destination(rubid); }; filter f_stront { host("stront"); }; destination stront { file("/var/log/syslog/stront.log"); }; log { source(net); filter(f_stront); destination(stront); }; filter f_ind { host("ind"); }; destination ind { file("/var/log/syslog/ind.log"); }; log { source(net); filter(f_ind); destination(ind); }; filter f_cyna { host("cyna"); }; destination cyna { file("/var/log/syslog/cyna.log"); }; log { source(net); filter(f_cyna); destination(cyna); }; filter f_antymon { host("antymon"); }; destination antymon { file("/var/log/syslog/antymon.log"); }; log { source(net); filter(f_antymon); destination(antymon); }; filter f_tellur { host("tellur"); }; destination tellur { file("/var/log/syslog/tellur.log"); }; log { source(net); filter(f_tellur); destination(tellur); }; -- Pawel Dziekonski <pawel.dziekonski|@|pwr.wroc.pl>, KDM WCSS avatar:0:0: Wroclaw Networking & Supercomputing Center, HPC Department -> See message headers for privacy policy and S/MIME info.