[syslog-ng]Real time .conf?

Brian Leveille bleveille@defendnet.com
Wed, 8 Nov 2000 17:54:36 -0500 

Matt,

Thanks.  Somehow though, I don't think that worked.  Here is my config file.

# this file show more or less all the features of syslog-ng

options {sync(0); create_dirs(yes);};

source int { unix-stream("/dev/log"); internal(); };
source src { udp(port(514)); };

destination everything {
file("/NetscreenLogs/$HOST/$HOST.$MONTH-$DAY-$YEAR.log"
owner(NetscreenLogs)
group(NetscreenLogs)
perm(0777)
dir_perm(0777));
};

destination internallogs { file("/var/log/messages"); };


log { source(src); destination(everything); };
log { filter(DEFAULT); destination(internallogs); };



All I am trying to do is have my remote boxes send their syslog messages to
my server, and have the server create some semblance of a directory
structure.  Simple.

But, when I watch packets with tcpdump, it seems there are A LOT more udp
port 514 packets than there are log records.  My tcpdump sessions shows
hundreds of udp port 514 packets while my tail -f of my log RARELY updates.

Am I losing data?!?!?!?

Brian Leveille
-------------------
Senior Internetworking Engineer
DefendNet Solutions, Inc.
www.defendnet.com

 -----Original Message-----
From: 	matthew.copeland@honeywell.com
[mailto:matthew.copeland@honeywell.com] 
Sent:	Wednesday, November 08, 2000 5:22 PM
To:	'syslog-ng@lists.balabit.hu'
Subject:	Re: [syslog-ng]Real time .conf?


Add sync(0) to your config file.

Matthew M. Copeland
Software Engineer

On Wed, 8 Nov 2000, Brian Leveille wrote:

> What conf settings can I use for my syslog-ng.conf file so that messages
are
> written to disk the instant they are received?
> 
> Thanks,
> 
> Brian Leveille
> -------------------
> Senior Internetworking Engineer
> DefendNet Solutions, Inc.
> www.defendnet.com
> 
> 
> _______________________________________________
> syslog-ng maillist  -  syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> 


_______________________________________________
syslog-ng maillist  -  syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng