[syslog-ng]Newbie question
Nate Campi
syslog-ng@lists.balabit.hu
Sun, 9 Mar 2003 09:39:33 -0800
On Sun, Mar 09, 2003 at 10:02:34AM -0700, Vilmos Branyik wrote:
>
> syslog-ng starts just fine and shows no errors. I tried the syslog-ng -s -f
> command in your message but the -s parameter is not supported , I get an
> error.
Must be a 1.5.x option. There's really no reason to be on 1.4.x anymore
IMO. 1.5.x is used on debian woody (stable) and most of the people on
this list in production environments (myself included). You should
upgrade to the latest 1.5.x.
> I was starting to suspect that my problem may be with stunnel. When I boot I
> see an OK on load but the very last thing that is loaded is stunnel and I
> finally was able to catch this message on the console:
>
> SSL_CTX_useRSAPRivateKey_file: error: 0906D06C: PEM routines: PEM_read_bio:
> no start line
Well you're using stunnel just to collect from remote locations,
shouldn't matter in that case.
> Any thoughts/suggestions?
You're on the same track I'd take with simplifying the config. Make sure
syslogd is not running and also klogd. From there run something really
simple like:
################################
options {
keep_hostname(yes);
long_hostnames(off);
sync(0);
};
source src {
unix-dgram("/dev/log");
internal();
};
destination everything {
file("/var/log/everything.log");
};
log {
source(src);
destination(everything);
};
################################
Run this config and create logs manually with the "logger" command. You
should see them in "/var/log/everything.log" as long as syslog isn't
running. I can't really think of anything else to try right now.
> Even so, you're not giving Great Lakes it's due, are you getting any grief
> for that :).
Great Lakes/Chicago is too cold, I'll stay in San Francisco where it's
only freezing cold in the summer ;)
--
Nate Campi http://www.campin.net