[syslog-ng]kern messages not trapping correctly?

[syslog-ng@lists.balabit.hu]

On Mon, 8 Dec 2003, Aladdin wrote:

> Hello dan,
> 
> Monday, December 8, 2003, 1:06:45 AM, you wrote:
> 
> dedn> in my syslog.conf file. I translated that into syslog-ng, but my firewall
> dedn> log has not increased one bit, even when I purposly hit a blocked port 
> dedn> from the outside. 
> 
> dedn> Here's the syslog-ng.conf file. Perhaps someone can see an issue?
> 
> 
> dedn> options { dir_perm(0755); perm(0644); chain_hostnames(no);
> dedn>           keep_hostname(yes); };
> 
> dedn> source local {
> dedn>         unix-stream("/dev/log");
> dedn>         udp(ip(0.0.0.0) port(514));
> dedn>         internal();
> dedn> };
> 
>    I think that you must stop klogd daemon and put one more line under
>    source section. This line is:
> 
>    pipe("/proc/kmsg");
> 
>    At least this worked for me.


Thanks!
That worked.