[syslog-ng]Need help...with SYSLOG-NG
R Saroukhanian
syslog-ng@lists.balabit.hu
Thu, 19 Jun 2003 17:05:03 -0400
Hello folks,
Could somebody help me with this error message I am getting when trying =
to run SYSLOG-NG?
Error message:
No source refers to internal messages, they will go to /dev/null
unresolved reference:src
Error initializing configuration, exiting.
Here is my setup.
I installed syslog-ng version 1.6.0 r3 on my FreeBSD 4.8 box.
The overall plan is to collect log messages sent to by NTSyslog from a =
Windows 2000 box to SYSLOG-NG on the FreeBSD 4.8 box.
For a test I have been starting and stopping a telnet service on my =
Windows 2000 box to pick up these events in the telnetlog file which I =
created on my FreeBSD computer.
Both syslog-ng and syslog-ng.conf file are located in /etc of the =
FreeBSD box.
I am logged in as root.
syslog.conf file looks like this:
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
options {sync(0); };
source src_udp {udp(10.101.54.2) port(514); };
destination telnet_d {file ("/var/log/telnetlog"); } ;
log {source (src_udp); destination (telnet_t); };
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
I run syslog-ng manually from inside /etc and get the error message =
listed above.
Does the error message I am getting relate to syntax of the =
syslog-ng.conf or something else?
Should I add a filter entry ...inside log statement argument? for it to =
lool like >>>>>> log {source (src_udp); filter (DEFAUILT); destination =
(telnet_t); }; ???
I am looking forward to hearing from you.
Please send a copy of your response to rex@piva.net.
Thank you,
Ruben Saroukhanian