[syslog-ng]linux kern log entries

Nate Campi nate@campin.net
Thu, 19 Dec 2002 07:19:54 -0800


--GRPZ8SYKNexpdSJ7
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Dec 19, 2002 at 09:33:06AM +0100, Balazs Scheidler wrote:
> On Wed, Dec 18, 2002 at 12:21:36PM -0700, Kai Wang wrote:
> >=20
> > We implemented syslog-ng on our linux boxes. I found that syslog-ng
> > handles facility "kern" as "user" on our machines. Is this a bug? How
> > to fix it?
>=20
> You should explain what you mean here, like what it does and what it shou=
ld
> do in your opinion. I don't know about a bug like this though.

Make sure you're not testing with the logger utility:

 $ logger -p kern.crit foo bar baz

=2E..results in:

 Dec 19 07:10:07 HOST nate: [ID 702911 user.crit] foo bar baz

On linux and solaris. Logger doesn't let you fake kernel messages. If
you really want to test it - use netcat:

 $ echo "<2>Dec 19 07:12:01 FAKEHOST fakeprog[1234567]: fake message
 injected by netcat by nate" | nc -v -v -u localhost 514

=2E..make sure localhost port 514/UDP has syslog(-ng) listening, and you
should get this in your logs:

 Dec 19 07:12:01 FAKEHOST fakeprog[1234567]: [KERN.CRIT]: fake message
 injected by netcat by nate

--=20
Nate Campi   http://www.campin.net=20

"I have never let my schooling interfere with my education." - Samuel Cleme=
ns


--GRPZ8SYKNexpdSJ7
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE+AeOaWpDEZMF673kRAjI/AKCA1TE3+Pe5dFPdXET+B+ZsnBp6bACcCY0v
hwnbS92lFK4yRFr7ZpReUns=
=awdn
-----END PGP SIGNATURE-----

--GRPZ8SYKNexpdSJ7--