Hi we have a syslog-ng configuration see bellow, running on solaris if I telnet to 10.128.240.100 from server where syslog-ng is running, nothing is logged if I telnet to 10.128.240.100 from any other server it is logging as expected do you see something obvious here ? Thanks, Stefan #@version: 3.0 options { create_dirs(yes); owner(root); group(logs); perm(0644); dir_perm(0755); flush_lines(0); log_fifo_size(2048); log_msg_size(8192); stats_freq(3600); long_hostnames(off); keep_hostname(no); use_dns(yes); }; source s_remote { udp(ip(10.128.240.100) port(514)); tcp(ip(10.128.240.100) port(514) max_connections(1000)) }; # remote hosts to files destination r_messages { file ("/logs/hosts/${HOST}/${HOST}-${YEAR}${MONTH}${DAY}"); }; # remote logs log { source (s_remote); filter (f_debug); destination (r_messages); };
Sorry for misleading you, it is logged to /logs/hosts/10.128.240.100 but I would like to log it to /logs/hosts/server where i issued telnet Thanks, Stefan Stefan Varga wrote:
Hi
we have a syslog-ng configuration see bellow, running on solaris
if I telnet to 10.128.240.100 from server where syslog-ng is running, nothing is logged if I telnet to 10.128.240.100 from any other server it is logging as expected
do you see something obvious here ?
Thanks, Stefan
#@version: 3.0
options { create_dirs(yes); owner(root); group(logs); perm(0644); dir_perm(0755); flush_lines(0); log_fifo_size(2048); log_msg_size(8192); stats_freq(3600); long_hostnames(off); keep_hostname(no); use_dns(yes); };
source s_remote { udp(ip(10.128.240.100) port(514)); tcp(ip(10.128.240.100) port(514) max_connections(1000)) };
# remote hosts to files destination r_messages { file ("/logs/hosts/${HOST}/${HOST}-${YEAR}${MONTH}${DAY}"); };
# remote logs log { source (s_remote); filter (f_debug); destination (r_messages); };
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
-- +----------------------------------------------+ | Stefan Varga TEMPEST a.s. | | Senior Systems Engineer Services Division | | +421908 760617 Plynarenska 7/B | | Stefan_Varga@tempest.sk Bratislava | | Sun Microsystems Executive Partner | | Symantec(Veritas) Platinum Partner | +----------------------------------------------+
hi, you should try to replace (in your destination declaration) file ("/logs/hosts/${HOST}/${HOST}-${YEAR}${MONTH}${DAY}"); by file ("/logs/hosts/server"); ... and also understand what your doing, of course ... ;) 2009/10/1 Stefan Varga <Stefan_Varga@tempest.sk>
Sorry for misleading you, it is logged to /logs/hosts/10.128.240.100 but I would like to log it to /logs/hosts/server where i issued telnet
Thanks, Stefan
Stefan Varga wrote:
Hi
we have a syslog-ng configuration see bellow, running on solaris
if I telnet to 10.128.240.100 from server where syslog-ng is running, nothing is logged if I telnet to 10.128.240.100 from any other server it is logging as expected
do you see something obvious here ?
Thanks, Stefan
#@version: 3.0
options { create_dirs(yes); owner(root); group(logs); perm(0644); dir_perm(0755); flush_lines(0); log_fifo_size(2048); log_msg_size(8192); stats_freq(3600); long_hostnames(off); keep_hostname(no); use_dns(yes); };
source s_remote { udp(ip(10.128.240.100) port(514)); tcp(ip(10.128.240.100) port(514) max_connections(1000)) };
# remote hosts to files destination r_messages { file ("/logs/hosts/${HOST}/${HOST}-${YEAR}${MONTH}${DAY}"); };
# remote logs log { source (s_remote); filter (f_debug); destination (r_messages); };
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
-- +----------------------------------------------+ | Stefan Varga TEMPEST a.s. | | Senior Systems Engineer Services Division | | +421908 760617 Plynarenska 7/B | | Stefan_Varga@tempest.sk Bratislava | | Sun Microsystems Executive Partner | | Symantec(Veritas) Platinum Partner | +----------------------------------------------+
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
participants (2)
-
fredzy padzy
-
Stefan Varga