Re: [syslog-ng] syslog-ng Digest, Vol 28, Issue 21
Dear all,

What happens if the log message is not a standard syslog message?

Thanks.

Regards,
Wilson Lai
System Engineer
IT Dept., SJM
Office: (853)2978585
Mobile: (853)66506709
Email: wilsonlai@macausjm.com

-----Original Message-----
From: syslog-ng-request@lists.balabit.hu [mailto:syslog-ng-request@lists.balabit.hu]
Sent: Friday, August 17, 2007 3:45 PM
To: syslog-ng@lists.balabit.hu
Subject: syslog-ng Digest, Vol 28, Issue 21

Send syslog-ng mailing list submissions to syslog-ng@lists.balabit.hu
To subscribe or unsubscribe via the World Wide Web, visit https://lists.balabit.hu/mailman/listinfo/syslog-ng or, via email, send a message with subject or body 'help' to syslog-ng-request@lists.balabit.hu
You can reach the person managing the list at syslog-ng-owner@lists.balabit.hu
When replying, please edit your Subject line so it is more specific than "Re: Contents of syslog-ng digest..."

Today's Topics:
1. new syslog-ng white paper published (Balazs Scheidler)
2. Buffer Overflow : Insufficient buffer space for retrieving STREAMS log message; res='2' ( Nicolas de Marqu? - Fromentin )
3. REGEX rewrites on packet body possible? (Eli Stair)
4. Re: Buffer Overflow : Insufficient buffer space for retrieving STREAMS log message; res='2' (Russell Fulton)
5. Re: Logging Third party application logs to Syslog-NG (Wilson Lai)
6. Re: Buffer Overflow : Insufficient buffer space for retrieving STREAMS log message; res='2' (Balazs Scheidler)
7. Re: REGEX rewrites on packet body possible? (Balazs Scheidler)
8. Re: Logging Third party application logs to Syslog-NG (Balazs Scheidler)

----------------------------------------------------------------------
Message: 1
Date: Thu, 16 Aug 2007 16:58:31 +0200
From: Balazs Scheidler <bazsi@balabit.hu>
Subject: [syslog-ng] new syslog-ng white paper published
To: syslog-ng@lists.balabit.hu
Message-ID: <1187276311.7565.52.camel@bzorp.balabit>
Content-Type: text/plain

Dear all,

We have published a new, syslog-ng related white paper on our website titled: "Distributed syslog architectures with syslog-ng"

It basically contains the various deployment scenarios, their pros and cons we've encountered in our experience. It does contain information on syslog-ng Premium Edition, but still we tried to concentrate on the technical content, and some of it equally applies to syslog-ng OSE.

We'd appreciate feedback at documentation@balabit.com.

Thanks.
--
Bazsi

------------------------------
Message: 2
Date: Thu, 16 Aug 2007 18:40:03 +0200
From: " Nicolas de Marqu? - Fromentin " <nicolas.demarque@gmail.com>
Subject: [syslog-ng] Buffer Overflow : Insufficient buffer space for retrieving STREAMS log message; res='2'
To: "Syslog-ng users' and developers' mailing list" <syslog-ng@lists.balabit.hu>
Message-ID: <b778b3cc0708160940y50d0dfb4yc84f86dffa4efc6a@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"

Hello,

During a big flow from a local server to a central server, we have a "buffer overflow" on the local server. After this message, syslog-ng crashes and is not able to send any messages.

The local server is a Solaris 10 product, the central Linux a Red Hat EL4.

Do you know a rule to stop this problem?

Best regards,
Nicolas
On Fri, Sep 07, 2007 at 05:26:02PM +0800, Wilson Lai wrote:
Dear all, What happens if the log message is not a standard syslog message? Thanks.
If a Cisco switch sends a message like this:
2005 Aug 23 03:04:05 UTC +00:00 %PAGP-5-PORTFROMSTP:Port 4/16 left bridge port 4/16
...it'll be written to disk like this:
Aug 23 03:04:05 switch.company.com 2005 Aug 23 03:04:05 UTC +00:00 %PAGP-5-PORTFROMSTP:Port 4/16 left bridge port 4/16
syslog servers put in a proper syslog formatted header.
The behavior is documented here:
http://www.faqs.org/rfcs/rfc3164.html
It's not syslog-ng specific behavior.
--
Nate
"The IBM compatible sector has not yet recognized that 95% of computer usage is devoted to experimenting with different fonts and character styles in documents." - Reiner, Ron
On Fri, 2007-09-07 at 07:26 -0700, Nate Campi wrote:
On Fri, Sep 07, 2007 at 05:26:02PM +0800, Wilson Lai wrote:
Dear all, What happens if the log message is not a standard syslog message? Thanks.
If a Cisco switch sends a message like this: 2005 Aug 23 03:04:05 UTC +00:00 %PAGP-5-PORTFROMSTP:Port 4/16 left bridge port 4/16
...it'll be written to disk like this:
Aug 23 03:04:05 switch.company.com 2005 Aug 23 03:04:05 UTC +00:00 %PAGP-5-PORTFROMSTP:Port 4/16 left bridge port 4/16
syslog servers put in a proper syslog formatted header.
The behavior is documented here:
http://www.faqs.org/rfcs/rfc3164.html
It's not syslog-ng specific behavior.
In fact I've added some Cisco date stamp support, so date stamps of some of the Cisco gear are properly recognized. But Cisco is not using consistent timestamps in their different product lines.
--
Bazsi
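The header handling discussed in this thread, as an added example that is not part of the original posts and is not syslog-ng's parser: a simplified sketch of the receiver rules in RFC 3164 section 4.3, showing why the device's own timestamp ends up inside the message body. The function names, the `<189>` priority on the sample packet and the sender name passed in are assumptions made for the illustration.

```python
import re
from datetime import datetime

MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()
PRI_RE = re.compile(r"^<(\d{1,3})>")
# RFC 3164 TIMESTAMP is "Mmm dd hh:mm:ss" (day space-padded), followed by a space.
TS_RE = re.compile("^(" + "|".join(MONTHS) + r") ([ 1-3]\d) \d\d:\d\d:\d\d ")

def rfc3164_stamp(now):
    """Format the receiver's clock as an RFC 3164 TIMESTAMP."""
    return "%s %2d %02d:%02d:%02d" % (
        MONTHS[now.month - 1], now.day, now.hour, now.minute, now.second)

def normalize(packet, sender, now):
    """Return (pri, line) the way an RFC 3164 receiver would store the packet.

    sender is the name the receiver resolved for the source address;
    now is the receiver's local time (both supplied by the caller here).
    """
    header = "%s %s " % (rfc3164_stamp(now), sender)
    m = PRI_RE.match(packet)
    if not m or int(m.group(1)) > 191:
        # 4.3.3: no usable PRI. Use PRI 13 (user.notice) and keep the
        # whole packet as message content behind a new header.
        return 13, header + packet
    pri, rest = int(m.group(1)), packet[m.end():]
    if TS_RE.match(rest):
        # 4.3.1: PRI and TIMESTAMP are valid, keep the sender's header.
        return pri, rest
    # 4.3.2: valid PRI but no recognizable TIMESTAMP. Insert the
    # receiver's TIMESTAMP and HOSTNAME; the original text becomes MSG.
    return pri, header + rest

# Constructed packets: the Cisco text is the one quoted in the thread,
# the <189> priority (local7.notice) is assumed for the example.
CISCO = ("<189>2005 Aug 23 03:04:05 UTC +00:00 "
         "%PAGP-5-PORTFROMSTP:Port 4/16 left bridge port 4/16")
STANDARD = "<34>Oct 11 22:14:15 mymachine su: 'su root' failed"

if __name__ == "__main__":
    received = datetime(2005, 8, 23, 3, 4, 5)
    for pkt in (CISCO, STANDARD, "no header at all"):
        print(normalize(pkt, "switch.company.com", received))
```

The stored header reflects the receiver's clock and its view of the sender, so anything that correlates on the device's own time has to parse it out of the message body.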