Solaris and Syslog-ng
-----BEGIN PGP SIGNED MESSAGE----- Hi After read the hole archive from 1999-february to nowadays (big job) I have no clear if the stable brunch have or not Solaris support. Let's go with the problem. I'm using sparc-solaris7 and syslog-ng 1.2.3 When I run syslog-ng I have: bash-2.02# syslog-ng parse error at 11 Parse error reading configuration file, exiting. The 11 line refers to the source line. Here is my config file: # options { sync(0); time_reopen(10); log_fifo_size(100); }; source local { sun-door("/etc/.syslog_door"); internal(); }; #################### Destinos de brezo: destination piolin { tcp("piolin" port(514)); }; destination todo { file("/var/adm/toto"); }; #################### Filtros filter xferlog { match(xferlog); }; #######################Logs locales log { source(local); filter(xferlog); destination(piolin); }; log { source(local); destination(todo); }; ------------------------- Something is wrong with doors in this case. Any ideas? -- ------------------------------------------------------------------------ Victor Barahona..........................http://www.sdi.uam.es/~barahona Soporte Seguridad en red.................http://www.sdi.uam.es/utc/ss Unidad Tecnica de Comunicaciones Universidad Autonoma de Madrid Spain Tlf.- 91 397 5525 PGP ID-0x8750AB79 ------------------------------------------------------------------------ -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use MessageID: uAR2CWNoCZXvbiqWdA6lZ5yPp19i6bZt iQA/AwUBOJgl50oW8ByHUKt5EQIBFgCfWjgP6h3chD2FYrgyA7uOSrnSbFkAoL7Y b92Xc6mnnxyFGSFwCxkAc7LP =rdre -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- One thing more.
source local { sun-door("/etc/.syslog_door"); internal(); };
I tryed with: source local { sun-streams("/dev/log" door("/etc/.syslog_door")); internal(); }; And thats what a i get: do_init_afstreams_source: Cannot open sun-stream /dev/log (Operation not supported on transport endpoint) Error initializing configuration, exiting. ¿?¿? ------------------------------------------------------------------------ Victor Barahona..........................http://www.sdi.uam.es/~barahona Soporte Seguridad en red.................http://www.sdi.uam.es/utc/ss Unidad Tecnica de Comunicaciones Universidad Autonoma de Madrid Spain Tlf.- 91 397 5525 PGP ID-0x8750AB79 ------------------------------------------------------------------------ -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use MessageID: kH8Q8/6JPWeN9T+NLDkXK23LXQiKX0LG iQA/AwUBOJgnzUoW8ByHUKt5EQL31gCdEZdeZpMVMhQilP+iXx1Z6BCQLg4AoMj3 b9DrdFkQD7DnrvV8Pp4Y7cZh =tEJO -----END PGP SIGNATURE-----
One thing more.
source local { sun-door("/etc/.syslog_door"); internal(); };
I tryed with:
source local { sun-streams("/dev/log" door("/etc/.syslog_door")); internal(); };
And thats what a i get:
do_init_afstreams_source: Cannot open sun-stream /dev/log (Operation not supported on transport endpoint) Error initializing configuration, exiting.
Most probably you ran syslog-ng with unix-stream("/dev/log") or something like this, which removes your original log device, and creates a unix socket. Newer versions refuse to overwrite non-socket files. This is how it should look like: lrwxrwxrwx 1 root root 27 Jan 13 1998 /dev/log -> ../devices/pseudo/log@0:log btw: I suggest you to use 1.3.13. Lot of things have been cleaned up, some features have been added, and it should be quite stable now. Debian Linux has it as a package, and the only bugs reported were compilation issues on Alpha and PPC. (and of course the recently reported bugs with the program() destination) As soon as I've a little bit more time, I clean these up, and release 1.4.0. In the 1.5.x versions I plan to implement authentication and encryption support, date manipulation (adding the year field for instance), an inter-syslog-ng protocol (which uses tagging, so newer meta- and non-meta fields can be added easier) and maybe rewrite rules to modify log lines along the way. -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1 url: http://www.balabit.hu/pgpkey.txt
-----BEGIN PGP SIGNED MESSAGE----- Hi
Most probably you ran syslog-ng with unix-stream("/dev/log") or something like this, which removes your original log device, and creates a unix socket. Newer versions refuse to overwrite non-socket files.
This is how it should look like: lrwxrwxrwx 1 root root 27 Jan 13 1998 /dev/log -> ../devices/pseudo/log@0:log
Thanks, that mutch better :) Now is working fine.
btw: I suggest you to use 1.3.13. Lot of things have been cleaned up, some features have been added, and it should be quite stable now. Debian Linux has it as a package, and the only bugs reported were compilation issues on Alpha and PPC. (and of course the recently reported bugs with the program() destination) As soon as I've a little bit more time, I clean these up, and release 1.4.0.
I'm happy to hear about it because I was doubting what version to use but if 1.3.13 is near to 1.4.0.... :) As feedback, I tryed syslog-ng 1.2.3 in al linux-sparc RedHat 6.0 and it's working fine.
In the 1.5.x versions I plan to implement authentication and encryption support, date manipulation (adding the year field for instance), an inter-syslog-ng protocol (which uses tagging, so newer meta- and non-meta fields can be added easier) and maybe rewrite rules to modify log lines along the way.
I'm looking forward for it. Authentication and encryption would be nice. Regards. -- ------------------------------------------------------------------------ Victor Barahona..........................http://www.sdi.uam.es/~barahona Soporte Seguridad en red.................http://www.sdi.uam.es/utc/ss Unidad Tecnica de Comunicaciones Universidad Autonoma de Madrid Spain. Tlf.- 91 397 5525 PGP ID-0x8750AB79 ------------------------------------------------------------------------ -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use MessageID: 1txcyjz3tnbAUKRKdmbzx/J0hxRTgGU9 iQA/AwUBOJhDcUoW8ByHUKt5EQJIygCfVTduMZbFmkDEjarjFhi8UbcdEScAoIWG 4D3EHY3AMOsBLoXlj6dkg8n3 =tswG -----END PGP SIGNATURE-----
I asked this back in january but the list seemed dead then, so i will ask again. When i updated to 1.3.13 i tried $FACILITY and $LEVEL in my destination lines. Although i get some interesting file names. here is a snippet of my conf file source src { internal(); unix-stream("/dev/log"); udp(); }; destination test { file("/var/log/syslog-ng/test/$HOST.$LEVEL.log"); }; log { source("src"); destination("test"); }; here is an example file name homer.0x00000005.log also where making macro's create directories still on the wish list? Chris Scheller System/Network Administration Network One Internet, inc. http://www.networkone.net/ 1.888.GOT-NET1 On Wed, 2 Feb 2000, Balazs Scheidler wrote:
One thing more.
source local { sun-door("/etc/.syslog_door"); internal(); };
I tryed with:
source local { sun-streams("/dev/log" door("/etc/.syslog_door")); internal(); };
And thats what a i get:
do_init_afstreams_source: Cannot open sun-stream /dev/log (Operation not supported on transport endpoint) Error initializing configuration, exiting.
Most probably you ran syslog-ng with unix-stream("/dev/log") or something like this, which removes your original log device, and creates a unix socket. Newer versions refuse to overwrite non-socket files.
This is how it should look like: lrwxrwxrwx 1 root root 27 Jan 13 1998 /dev/log -> ../devices/pseudo/log@0:log
btw: I suggest you to use 1.3.13. Lot of things have been cleaned up, some features have been added, and it should be quite stable now. Debian Linux has it as a package, and the only bugs reported were compilation issues on Alpha and PPC. (and of course the recently reported bugs with the program() destination) As soon as I've a little bit more time, I clean these up, and release 1.4.0.
In the 1.5.x versions I plan to implement authentication and encryption support, date manipulation (adding the year field for instance), an inter-syslog-ng protocol (which uses tagging, so newer meta- and non-meta fields can be added easier) and maybe rewrite rules to modify log lines along the way.
-- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1 url: http://www.balabit.hu/pgpkey.txt
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu http://lists.balabit.hu/mailman/listinfo/syslog-ng
participants (3)
-
Balazs Scheidler
-
Chris Scheller
-
Victor Barahona