[syslog-ng]Difficulty with source(net) on Solaris 8 [syslog-ng-1.4.9a]
Balazs Scheidler
bazsi@balabit.hu
Sun, 16 Sep 2001 13:54:23 +0200
On Fri, Sep 14, 2001 at 01:50:29PM -0700, Ken Paris wrote:
> Greetings,
>
> I did as you suggested and I do see the recvfrom() when a message arrives.
>
> Never uised truss befor. Interesting, but nothing into the log file.
>
> kparis@netlog$ ps -aef | grep sysl
> kparis 25013 24857 0 13:38:59 pts/1 0:00 grep sysl
> root 23643 1 0 Sep 12 ? 0:00 /usr/local/sbin/syslog-ng -
> f /usr/local/etc/syslog-ng.conf -p /var/run/syslog-n
>
> truss -p 23643
>
> poll(0xFFBEF658, 3, 60000) = 1
> recvfrom(3, " < 5 > 6 7 5 : S e p ".., 519, 0, 0xFFBEF448, 0xFFBEF444) = 99
> time() = 1000499766
> poll(0xFFBEF658, 3, 100) = 0
> poll(0xFFBEF658, 3, 60000) (sleeping...)
> signotifywait() (sleeping...)
> lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) (sleeping...)
> door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
> door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
>
> This repeats anytime I change the config on the cisco device
> ( which immediately sends a message to loghost )
>
> My current config is:
> kparis@netlog$ cat syslog-ng.conf
> options { sync(0); keep_hostname(yes); chain_hostnames(no); log_fifo_size
> (30000); };
> source s_local { sun-streams("/dev/log" door("/etc/.syslog_door")); internal
> (); };
> source s_net_udp { udp(); };
> destination d_local { file("/var/log/default"); };
> log { source(s_local); source(s_net_udp); destination(d_local); };
>
> kparis@netlog$ ls -l /var/log
> total 34
> -rw------- 1 root sys 0 Aug 17 14:41 authlog
> -rw------- 1 root root 9057 Sep 14 13:29 default
> ....
>
> I can see this indicates the message is arriving to syslog-ng.
> Am I close ?
yes, syslog-ng receives the entry without problems. and the configuration
looks ok as well, messages should show up in /var/log/default. If they don't
it must be a strange bug. Which syslog-ng version are you using?
--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1