[syslog-ng]syslog-ng doesn't handle builtin syslog messages correctly
Joerg Michels
syslog-ng@lists.balabit.hu
Wed, 10 Dec 2003 15:10:27 +0100
Hello together,
I'm running a central syslog-ng server and about two dozens clients sending their logs to this server (all redhat). But on some clients syslog-ng doesn't catch the builtin syslog messages.
syslog-version: 1.6.0rc4 on all hosts
the conf file on my clients:
---
options { sync (0);
time_reopen (10);
log_fifo_size (1000);
long_hostnames (off);
use_dns (yes);
use_fqdn (no);
create_dirs (no);
keep_hostname (yes);
};
source src_sys { pipe ("/proc/kmsg");
unix-stream ("/dev/log");
internal (); };
destination dst_central { tcp('xxx.xxx.xxx.xxx'); };
destination dst_local { file ("/var/log/all"); };
log { source(src_sys); destination(dst_central); destination(dst_local); };
---
When I execute 'logger test' the message only reaches the local /var/log/all, but not the server. When I execute 'logger -u /dev/log test' the message reaches both destinations.
I tried unix-dgram instead of unix-stream, but same problem. I tried udp as transport protocol, but also same problem. I tried same older versions of syslog-ng, but also same problem.
Where is my mistake?
With kind regards,
Joerg Michels