[syslog-ng] Re: Problems configuring syslog-ng
Balazs Scheidler
bazsi@balabit.hu
Fri, 22 Oct 1999 15:48:25 +0200
On Fri, Oct 22, 1999 at 11:35:42PM +1000, John Doe wrote:
> Hi,
> I just downloaded syslog-ng 1.1.33 and I'm trying to run it on FreeBSD
> 3.3. syslog-ng compiles and installs without any problems at all, but
nice to hear.
> when it comes to running it I get no log entries. The following is my
> syslog-ng.conf file which I am using, and I'd guess that I've made some
> terrible problem there, if you could please point me to where I am going
> wrong it would be much appreciated.
>
> #----cut-----
> options { sync(0); time_reopen(10); log_fifo_size(100) };
>
> source src {
> unix-stream("/var/run/log");
> internal();
> };
>
> destination everything {
> file("/var/log/newsyslog" compress(on) sync(0) log_fifo_size(10));
> };
>
> log { source(src); destination(everything); };
> #----cut------
The problem is that BSD systems use unix-dgram sockets to send local log
messages. So your source statement should look like:
source src {
unix-dgram("/var/run/log");
internal();
};
This is described in the INSTALL file:
BSDi:
-----
BSD is similar to Linux (or vice-versa Linux is similar to BSD, but this is
another issue), so BSD has also a unix socket for log communication, but
it's of type SOCK_DGRAM, and it is located at /var/run/log. So the source
statement you are looking for is:
source stdlog { unix-dgram("/var/run/log"); };
Or in the .sgml generated documentation doc/sgml/syslog-ng.txt:
> I intend to run syslog-ng over (remote logging) my LAN (Linux, OpenBSD
> and FreeBSD machines) when I get it going with what-ever
> encryption/hashing syslog-ng supports. Sorry for the poor question,
> however there doesn't appear to be much documention included with
> syslog-ng. Suggestion: how about you include 5 sample setup files which
> syslog-ng users have put into effect on their systems in a doc/samples
> directory. If you cannot help me with my log-configuration file above,
> perhaps you could send me your syslog-ng config file (well actaully I'd
> be interested in seeing how you've implemented syslog-ng anway).
You can find a demo configuration file which includes all possible
parameters syslog-ng parses (doc/syslog-ng.conf.demo), even those syslog-ng
doesn't implement yet (compress, encrypt etc. come to mind),
and another one meant as a default configuration file:
doc/syslog-ng.conf.sample
--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
url: http://www.balabit.hu/pgpkey.txt