[syslog-ng] Re: syslog-ng on BSDI 2.1
Chris Maltby
chris@aurema.com
Wed, 17 May 2000 17:15:06 +1000
On Wed, May 17, 2000 at 08:28:43AM +0200, Balazs Scheidler wrote:
> If the kernel doesn't send any facility/kernel info, I'm afraid syslog-ng
> can't find it out. Maybe it's using a different protocol?
>
> Can you send me a ktrace snippet, where syslog-ng reads a line read from
> /dev/klog?
Ok, so I'm an idiot. Thanks for the ktrace suggestion. Yes, /dev/klog does
include <##> information, and the reason it wasn't being sent where I
thought was a because my filter expression had:
facility(kern) and level(info)
and not:
facility(kern) and level(info..emerg)
Needless to say, the message was at "warn" level. Too much cleaning up
of syslog.conf files is my only excuse.
The only small residual problem is that syslog used to put "kernel:"
on the front of kernel messages, but syslog-ng doesn't. I wonder if
this might be a new parameter for the file (etc.) statement, e.g.:
source kernel {
file("/dev/klog" label("kernel: "));
};
Thanks for your assistance,
Chris