[syslog-ng]Please help with logging remote machines

Balazs Scheidler syslog-ng@lists.balabit.hu
Wed, 19 Nov 2003 19:22:07 +0100


On Wed, Nov 19, 2003 at 07:55:46AM -0600, Daniel Flick wrote:
> 08:28:15.975018 138.57.100.15.syslog > 66.6.86.58.syslog: udp 134
> 08:28:15.976003 138.57.100.15.syslog > 66.6.86.58.syslog: udp 137
> 08:28:15.976820 138.57.100.15.syslog > 66.6.86.58.syslog: udp 134
> 08:28:15.978296 138.57.100.15.syslog > 66.6.86.58.syslog: udp 137
> 08:28:15.979772 138.57.100.15.syslog > 66.6.86.58.syslog: udp 134
> 08:28:15.980096 138.57.100.15.syslog > 66.6.86.58.syslog: udp 134
> 08:28:15.980756 138.57.100.15.syslog > 66.6.86.58.syslog: udp 133
> looks like the firewall is sending (100.15 is firewall)

ok, please strace the syslog-ng process to see whether it is actually
receiving messages.

-- 
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1