[syslog-ng]linux kern log entries
Nate Campi
nate@campin.net
Thu, 19 Dec 2002 07:19:54 -0800
--GRPZ8SYKNexpdSJ7
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, Dec 19, 2002 at 09:33:06AM +0100, Balazs Scheidler wrote:
> On Wed, Dec 18, 2002 at 12:21:36PM -0700, Kai Wang wrote:
> >=20
> > We implemented syslog-ng on our linux boxes. I found that syslog-ng
> > handles facility "kern" as "user" on our machines. Is this a bug? How
> > to fix it?
>=20
> You should explain what you mean here, like what it does and what it shou=
ld
> do in your opinion. I don't know about a bug like this though.
Make sure you're not testing with the logger utility:
$ logger -p kern.crit foo bar baz
=2E..results in:
Dec 19 07:10:07 HOST nate: [ID 702911 user.crit] foo bar baz
On linux and solaris. Logger doesn't let you fake kernel messages. If
you really want to test it - use netcat:
$ echo "<2>Dec 19 07:12:01 FAKEHOST fakeprog[1234567]: fake message
injected by netcat by nate" | nc -v -v -u localhost 514
=2E..make sure localhost port 514/UDP has syslog(-ng) listening, and you
should get this in your logs:
Dec 19 07:12:01 FAKEHOST fakeprog[1234567]: [KERN.CRIT]: fake message
injected by netcat by nate
--=20
Nate Campi http://www.campin.net=20
"I have never let my schooling interfere with my education." - Samuel Cleme=
ns
--GRPZ8SYKNexpdSJ7
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE+AeOaWpDEZMF673kRAjI/AKCA1TE3+Pe5dFPdXET+B+ZsnBp6bACcCY0v
hwnbS92lFK4yRFr7ZpReUns=
=awdn
-----END PGP SIGNATURE-----
--GRPZ8SYKNexpdSJ7--