[syslog-ng]no kernel facility
Stephan Uhlmann
suhlmann@gmx.de
Thu, 14 Mar 2002 14:58:13 +0100
Hello.
It seems that syslog-ng doesn't receive syslog messages of the "kern"
facility. I have the following configuration (in reality a bit bigger but the
other stuff is mostly configuration for receiving log messages from other
hosts, it shouldn't affect this problem):
---------
options { sync (0);
time_reopen (10);
log_fifo_size (1000);
long_hostnames (off);
use_fqdn (no);
create_dirs (yes);
keep_hostname (yes);
};
source src { unix-stream("/dev/log"); internal(); };
destination han_messages { file("/var/log/messages"); };
log { source(src); destination(han_messages); };
---------
I don't think that there are no kernel messages generated by the system. Also
with normal syslog I get the following messages when killing/starting klogd:
Mar 14 13:11:59 han kernel: klogd 1.3-3, log source = /proc/kmsg started.
Mar 14 13:11:59 han kernel: Inspecting /boot/System.map-2.2.16-SMP
Mar 14 13:11:59 han kernel: Loaded 9539 symbols from
/boot/System.map-2.2.16-SMP.
Mar 14 13:11:59 han kernel: Symbols match kernel version 2.2.16.
Mar 14 13:11:59 han kernel: Loaded 290 symbols from 7 modules.
Mar 14 13:12:03 han kernel: Kernel logging (proc) stopped.
Mar 14 13:12:03 han kernel: Kernel log daemon terminating.
With syslog-ng I don't get these messages. So I suspect that there is a
problem with syslog-ng getting the messages from klogd.
I updated to version 1.4.14 and the problem still exists.
Any hint appreciated :-)
Thank you,
Stephan