[syslog-ng]Some device doesn't write to file

[Balazs Scheidler]

On Mon, Oct 27, 2003 at 04:36:21PM +0800, Santa Lau wrote:
> Hi,
> 
> I just upgrade the hardware and software of the syslog-ng server to
> 1.60rc4 from 1.5 to log about 30 firewalls syslog. After upgarde, I did
> find that nearly half of the firewalls log doesn't write to the file. I
> did check with tcpdump and it did receive the tons of logs but did't log
> into the file. The iptables/ipchains has all been disabled.  Is there any
> way to identify the source of problem. Thanks for your help.

I think you should attach strace to the syslog-ng process and check whether
it really receives log messages (you should see recvfrom() lines for each
message received), it might also be possible that syslog-ng blocks on DNS
for example.

-- 
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1