Hi! I've got a server (syslog-ng 1.5.14) with a innacurate system time (off by a minute) which logs to my master server (also syslog-ng 1.5.14). The option use_time_recvd(no) is in the masters config but the last changed time of the current logfile and the timestamps in the logfile are those of the senders server. Shouldn't the master syslog-ng strip all timestamp information from the logmessage and insert its own? I noticed this (obviously mis)behaviour because the PAM-stuff on the inaccurate server went mad and sends syslog entries with (nearly) correct time but the date is set to 2001-12-31; all other services log with correct timestamps. Here are some messages which cause the broken log-dates --- snip --- Mär 7 18:12:49 backup su: FAILED SU (to root) robe on /dev/pts/0 Mär 7 18:12:53 backup su: (to root) robe on /dev/pts/0 Mär 7 18:12:53 backup PAM-unix2[10112]: session started for user root, service su --- snap --- modify times of the two opened logfiles on the sending host (format is $HOST/$YEAR-$MONTH-$DAY): -rw------- 1 root root 3193 Mar 7 18:12 2001-12-31 -rw------- 1 root root 196130 Mar 7 19:17 2002-03-07 and here on the master server: -rw------- 1 root root 1814 Mar 7 18:13 2001-12-31 -rw------- 1 root root 39016 Mar 7 19:18 2002-03-07 a) do you have any tips on tracking down the problem with the broken pam-timestamps? b) is the use_time_recvd() option broken/non-existant in 1.5.14 ? mfg -- Renner Michael Junior System Engineer Inode Telekommunikationsdienstleistungs GmbH - http://www.inode.at support@inode.at, Tel.: 05 9999-0, Fax.: 05 9999-2699