[syslog-ng] UDP from syslog to syslog-ng

Brian E. Seppanen seppy@chartermi.net
Tue, 27 Mar 2001 14:57:16 -0500 (EST)


I'm testing out logging from another host to a central syslog-ng host.
The host I'm logging to is a redhat-7.0 linux box with 1.4.11.  The host
I'm logging from is a Solaris 7 box running sun's standard syslog.  I've
defined loghost in /etc/hosts, and I've seen a couple of messages arrive.
However it's been forever since any messages have been logged from this
host.  If I do a netstat -an I see the following

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp    65520      0 0.0.0.0:514             0.0.0.0:*

I have the following source definition
source udp_src {udp();}

And I'm simply trying to get it to default to a /var/log/messages

log { source(udp_src); filter(DEFAULT); destination(messages);};

I'm reading the netstat as indicating the data is being sent, and is being
received.  However, it's not being written to the files.  Other data has
been written in the meantime to the log files.  We currently are logging
several cisco routers with the source: udp_src { udp()};

In fact this was logging messages earlier as well.  I've been trying to
tweak it a little and now it doesn't seem to be working.

Anyone seen this?  This is very frustrating.   Anyone have any ideas on
what I may have done wrong?


Brian Seppanen
Charter Communications
Regional Data Center				906-228-4226 ext 23
Marquette, MI					seppy@chartermi.net
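
Added example, not part of the original post: in Linux netstat output, Recv-Q is the number of bytes queued on the socket that the owning program has not yet read, so a large value that persists on UDP port 514 means datagrams are arriving but the daemon is not reading them. The Python sketch below compares netstat -an snapshots to flag that condition; the second snapshot and the function names are constructed for illustration.

```python
import re

# proto, Recv-Q, Send-Q, local address, foreign address (Linux `netstat -an` layout)
ROW = re.compile(r"^(udp6?)\s+(\d+)\s+(\d+)\s+(\S+)\s+(\S+)")

def parse_udp_rows(text):
    """Return one dict per UDP socket row in netstat -an output."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m is None:
            continue  # headers, tcp and unix-socket rows
        proto, recv_q, send_q, local, _foreign = m.groups()
        addr, _, port = local.rpartition(":")
        rows.append({"proto": proto, "addr": addr, "port": port,
                     "recv_q": int(recv_q), "send_q": int(send_q)})
    return rows

def stuck_sockets(snapshots, port="514", threshold=0):
    """Sockets on `port` whose Recv-Q exceeds threshold in every snapshot.

    Returns sorted (addr, port, smallest Recv-Q seen) tuples."""
    seen = {}
    for i, text in enumerate(snapshots):
        current = {}
        for r in parse_udp_rows(text):
            if r["port"] == port and r["recv_q"] > threshold:
                current[(r["proto"], r["addr"])] = r["recv_q"]
        if i == 0:
            seen = current
        else:
            # keep only sockets that are still backed up in this snapshot
            seen = {k: min(v, current[k]) for k, v in seen.items() if k in current}
    return sorted((addr, port, q) for (_proto, addr), q in seen.items())

# First snapshot is the output quoted in the post; the second is constructed.
SNAPSHOT_1 = """Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp    65520      0 0.0.0.0:514             0.0.0.0:*
"""
SNAPSHOT_2 = """Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp    65520      0 0.0.0.0:514             0.0.0.0:*
udp        0      0 0.0.0.0:123             0.0.0.0:*
"""

if __name__ == "__main__":
    for addr, port, q in stuck_sockets([SNAPSHOT_1, SNAPSHOT_2]):
        print(f"{addr}:{port} has held >= {q} unread bytes; the daemon is not draining it")
```

A socket that is being read normally shows Recv-Q at or near 0 between bursts, so it drops out of the result as soon as one snapshot shows it drained.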