[syslog-ng]Logging network messages in Solaris
Balazs Scheidler
bazsi@balabit.hu
Wed, 27 Jun 2001 17:24:49 +0200
On Tue, Jun 26, 2001 at 11:31:28AM -0400, Ripley, Scott wrote:
> I have syslog-ng running successfully on several of our Solaris servers, but
> I can't get it to work with our logging server. I have the following config:
>
> source local { sun-streams("/dev/log" door("/etc/.syslog_door"));
> internal(); };
> source s_tcp { tcp(ip(0.0.0.0)); };
> source s_udp { udp(); };
>
> <...filters removed...>
>
> log { source(local); filter (DEFAULT); destination(all); };
> log { source(s_udp); filter (DEFAULT); destination(all); };
> log { source(s_tcp); filter (DEFAULT); destination(all); };
>
> I've simplified the config just to see if I can get messages to show up
> anywhere. It's not logging any messages from network devices, although it
> logs local messages just fine. I know the messages are getting there b/c
> syslogd is logging them and I've sniffed the network to verify UDP and port
> 514.
>
> I've also tried declaring the tcp and udp sources in the local definition.
>
> I know this can work. What am I missing?
truss syslog-ng whether it really receives those messages? netstat output?
syslog-ng -dv output?
--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1