[syslog-ng]no kernel facility
Jerome Peducasse
peducasse@echo.fr
Thu, 14 Mar 2002 15:31:37 +0000
If you use Redhat 6.x, try sock-dgram instead of sock-stream.
On Thu, Mar 14, 2002 at 02:58:13PM +0100, Stephan Uhlmann wrote:
>
> Hello.
>
> It seems that syslog-ng doesn't receive syslog messages of the "kern"
> facility. I have the following configuration (in reality a bit bigger but the
> other stuff is mostly configuration for receiving log messages from other
> hosts, it shouldn't affect this problem):
>
> ---------
> options { sync (0);
> time_reopen (10);
> log_fifo_size (1000);
> long_hostnames (off);
> use_fqdn (no);
> create_dirs (yes);
> keep_hostname (yes);
> };
>
> source src { unix-stream("/dev/log"); internal(); };
> destination han_messages { file("/var/log/messages"); };
> log { source(src); destination(han_messages); };
>
> ---------
>
> I don't think that there are no kernel messages generated by the system. Also
> with normal syslog I get the following messages when killing/starting klogd:
>
> Mar 14 13:11:59 han kernel: klogd 1.3-3, log source = /proc/kmsg started.
> Mar 14 13:11:59 han kernel: Inspecting /boot/System.map-2.2.16-SMP
> Mar 14 13:11:59 han kernel: Loaded 9539 symbols from
> /boot/System.map-2.2.16-SMP.
> Mar 14 13:11:59 han kernel: Symbols match kernel version 2.2.16.
> Mar 14 13:11:59 han kernel: Loaded 290 symbols from 7 modules.
> Mar 14 13:12:03 han kernel: Kernel logging (proc) stopped.
> Mar 14 13:12:03 han kernel: Kernel log daemon terminating.
>
> With syslog-ng I don't get these messages. So I suspect that there is a
> problem with syslog-ng getting the messages from klogd.
>
> I updated to version 1.4.14 and the problem still exists.
>
> Any hint appreciated :-)
>
> Thank you,
>
> Stephan
>
> _______________________________________________
> syslog-ng maillist - syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
--
Jerome Peducasse
Wanadoo Portails - Sophia Antipolis