[syslog-ng]no kernel facility
Roscoe
roscoeman@fuse.net
Thu, 14 Mar 2002 09:31:12 -0500
Stephan,
You are using the internal() for internal syslog-ng messages, if your
system supports /dev/klog then those are the kernel messages you want.
Unixstream (/dev/klog);
HTH
>
> Hello.
>
> It seems that syslog-ng doesn't receive syslog messages of the "kern"
> facility. I have the following configuration (in reality a bit bigger but
the
> other stuff is mostly configuration for receiving log messages from other
> hosts, it shouldn't affect this problem):
>
> ---------
> options { sync (0);
> time_reopen (10);
> log_fifo_size (1000);
> long_hostnames (off);
> use_fqdn (no);
> create_dirs (yes);
> keep_hostname (yes);
> };
>
> source src { unix-stream("/dev/log"); internal(); };
> destination han_messages { file("/var/log/messages"); };
> log { source(src); destination(han_messages); };
>
> ---------
>
> I don't think that there are no kernel messages generated by the system.
Also
> with normal syslog I get the following messages when killing/starting
klogd:
>
> Mar 14 13:11:59 han kernel: klogd 1.3-3, log source = /proc/kmsg started.
> Mar 14 13:11:59 han kernel: Inspecting /boot/System.map-2.2.16-SMP
> Mar 14 13:11:59 han kernel: Loaded 9539 symbols from
> /boot/System.map-2.2.16-SMP.
> Mar 14 13:11:59 han kernel: Symbols match kernel version 2.2.16.
> Mar 14 13:11:59 han kernel: Loaded 290 symbols from 7 modules.
> Mar 14 13:12:03 han kernel: Kernel logging (proc) stopped.
> Mar 14 13:12:03 han kernel: Kernel log daemon terminating.
>
> With syslog-ng I don't get these messages. So I suspect that there is a
> problem with syslog-ng getting the messages from klogd.
>
> I updated to version 1.4.14 and the problem still exists.
>
> Any hint appreciated :-)
>
> Thank you,
>
> Stephan
>
> _______________________________________________
> syslog-ng maillist - syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
>