[syslog-ng]Redhat 7.2, syslog-ng 1.6 and logger, and no loggi ng

Mon, 4 Aug 2003 14:29:30 -0600

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_001_01C35AC7.1BB8E640
Content-Type: text/plain;
	charset="iso-8859-1"

Just a typo, I can't seem to paste into cxoffice running IE (outlook web
<sigh>).

But I'm getting farther. 

In spite of the fact that "which syslog-ng" returned
/usr/local/sbin/syslog-ng" which when I executed with "-V" reported as
version 6rc3, I just noticed the start stop entries in the log file was
still version stamped 1.5(somthing).

Somehow the redhat init script is calling the wrong one, but I deleted the
old one from whereever else it was, then I found that it was failing to
start due to looking for it's config file in /usr/local/etc/sysconfig-ng/
not in /etc/sysconfig-ng/  I found the switch for the configure file
reconfigured and recompiled and now it's working!

The man page indicates that w/o the -f param it looks in /etc/syslog-ng, but
if that was the intent, shouldn't hte configure script be changed to
actually reflect this?

Anyway thanks for the help!

-Erich

-----Original Message-----
From: Hamilton Andrew
To: syslog-ng@lists.balabit.hu
Sent: 8/4/03 2:04 PM
Subject: RE: [syslog-ng]Redhat 7.2, syslog-ng 1.6 and logger, and no logging

It may be a typo on the message but your filter line says f_fileter2 and
your log line says f_filter2.  Could this be your problem?

Regards

-----Original Message-----
From: Weidner, Erich [mailto:eweidner@ciber.com]
Sent: Monday, August 04, 2003 3:56 PM
To: 'syslog-ng@lists.balabit.hu'
Subject: [syslog-ng]Redhat 7.2, syslog-ng 1.6 and logger, and no logging

I'm unable to get messages into /var/log/messages with logger. 

I've compiled and installed syslog-ng 1.6rc3, 

I've the following config. (modified the contrib/syslong-ng.conf.Redhat)
config file. 

Relavent lies of it are: 

source s_sys { pipe ("proc/kmsg" log_prefix"kernel: ")); unix-dgram
("/dev/log"); internal(); }; 

filter f_fileter2 { level(info .. emerg) and not (facility(mail) or
facility(authpriv) or facility(cron)); }; 

log { source(s_sys); filter(f_filter2); destination(d_mesg); }; 

I've tried the following: logger -p daemon.crit "Testing, Hello?" 
and various others such as user.crit user.warn, etc. Nothing. 
Syslog-ng does however log the fact that it starts and stops (at least
after I edited the default filter to be (info .. emerg) instead of just
(info)

I also see a few entries for STATS: dropped 0. 

Help! 

-Erich 

------_=_NextPart_001_01C35AC7.1BB8E640
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
5.5.2653.12">
<TITLE>RE: [syslog-ng]Redhat 7.2, syslog-ng 1.6 and logger, and no =
logging</TITLE>
</HEAD>
<BODY>

<P><FONT SIZE=3D2>Just a typo, I can't seem to paste into cxoffice =
running IE (outlook web &lt;sigh&gt;).</FONT>
</P>

But I'm getting farther.

<P><FONT SIZE=3D2>In spite of the fact that &quot;which syslog-ng&quot; =
returned /usr/local/sbin/syslog-ng&quot; which when I executed with =
&quot;-V&quot; reported as version 6rc3, I just noticed the start stop =
entries in the log file was still version stamped =
1.5(somthing).</FONT></P>

<P><FONT SIZE=3D2>Somehow the redhat init script is calling the wrong =
one, but I deleted the old one from whereever else it was, then I found =
that it was failing to start due to looking for it's config file in =
/usr/local/etc/sysconfig-ng/ not in /etc/sysconfig-ng/&nbsp; I found =
the switch for the configure file reconfigured and recompiled and now =
it's working!</FONT></P>

<P><FONT SIZE=3D2>The man page indicates that w/o the -f param it looks =
in /etc/syslog-ng, but if that was the intent, shouldn't hte configure =
script be changed to actually reflect this?</FONT></P>

<P><FONT SIZE=3D2>Anyway thanks for the help!</FONT>
</P>

<P><FONT SIZE=3D2>-Erich</FONT>
</P>

<P><FONT SIZE=3D2>-----Original Message-----</FONT>
<BR><FONT SIZE=3D2>From: Hamilton Andrew</FONT>
<BR><FONT SIZE=3D2>To: syslog-ng@lists.balabit.hu</FONT>
<BR><FONT SIZE=3D2>Sent: 8/4/03 2:04 PM</FONT>
<BR><FONT SIZE=3D2>Subject: RE: [syslog-ng]Redhat 7.2, syslog-ng 1.6 =
and logger, and no logging</FONT>
</P>

<P><FONT SIZE=3D2>It may be a typo on the message but your filter line =
says f_fileter2 and</FONT>
<BR><FONT SIZE=3D2>your log line says f_filter2.&nbsp; Could this be =
your problem?</FONT>
<BR><FONT SIZE=3D2>&nbsp;</FONT>
<BR><FONT SIZE=3D2>Regards</FONT>
</P>

<P><FONT SIZE=3D2>-----Original Message-----</FONT>
<BR><FONT SIZE=3D2>From: Weidner, Erich [<A =
HREF=3D"mailto:eweidner@ciber.com">mailto:eweidner@ciber.com</A>]</FONT>=

<BR><FONT SIZE=3D2>Sent: Monday, August 04, 2003 3:56 PM</FONT>
<BR><FONT SIZE=3D2>To: 'syslog-ng@lists.balabit.hu'</FONT>
<BR><FONT SIZE=3D2>Subject: [syslog-ng]Redhat 7.2, syslog-ng 1.6 and =
logger, and no logging</FONT>
</P>
<BR>
<BR>

I'm unable to get messages into /var/log/messages =
with logger.

<P><FONT SIZE=3D2>I've compiled and installed syslog-ng 1.6rc3, </FONT>
</P>

I've the following config. (modified the =
contrib/syslong-ng.conf.Redhat)
 config file.

<P><FONT SIZE=3D2>Relavent lies of it are: </FONT>
</P>

<P><FONT SIZE=3D2>source s_sys { pipe (&quot;proc/kmsg&quot; =
log_prefix&quot;kernel: &quot;)); unix-dgram</FONT>
<BR><FONT SIZE=3D2>(&quot;/dev/log&quot;); internal(); }; </FONT>
</P>

filter f_fileter2 { level(info .. emerg) and not =
(facility(mail) or
 facility(authpriv) or facility(cron)); };

<P><FONT SIZE=3D2>log { source(s_sys); filter(f_filter2); =
destination(d_mesg); }; </FONT>
</P>
<BR>

I've tried the following: logger -p daemon.crit =
&quot;Testing, Hello?&quot; 
 and various others such as user.crit user.warn, etc. =
Nothing. 
 Syslog-ng does however log the fact that it starts =
and stops (at least
 after I edited the default filter to be (info .. =
emerg) instead of just
 (info)

I also see a few entries for STATS: dropped 0. =

Help!

<P><FONT SIZE=3D2>-Erich </FONT>
</P>

</BODY>
</HTML>
------_=_NextPart_001_01C35AC7.1BB8E640--