[syslog-ng]logging woes
Roger
syslog-ng@lists.balabit.hu
Wed, 10 Sep 2003 00:16:14 -0500
I'm using syslog-ng v1.9.1+ and am having some trouble getting the
behavior of syslog-ng down.
I took this syslog-ng.conf file from a sun - hense the sun-streams
reference - and put it on a linux system. With this on the sun, any
syslog message from host a.b.c.d would be put in the directory
/var/log/syslog-ng/hostname/messages
Instead I'm getting all local syslog messages just fine BUT any remote
messages aren't getting through. I did a lsof -Pni and syslog-ng IS
listening on ports 514 both tcp and udp - I even created the directories
and messages file - chmoded the permissions to 777 - all to have no
messages dumped to their respective directories.
I started syslog-ng up w/ the options '-de' and sniffed the network.
Packets are being sent to the daemon and the debug messages look as so
log_reader_fd_prepare(); window_size='100'
but still no directories creates or information put in files.
Any ideas on what I'm doing wrong?
options {
# use_fqdn (yes); #makes log names to long
use_dns (yes);
create_dirs (yes);
log_fifo_size (1000);
};
source local { unix-stream("/dev/log"); };
#source local { sun-streams("/dev/log" door("/etc/.syslog_door"));
internal(); };
source udp_net { udp(); };
source tcp_net { tcp(); };
destination all { file("/var/log/syslog-ng/messages"
owner (root)
group (wheel)
perm (0640)
); };
destination network { file("/var/log/syslog-ng/$HOST/messages"
owner (root)
group (wheel)
dir_group (wheel)
perm (0640)
dir_perm (0750)
); };
log { source(local);
destination(all); };
log { source(tcp_net);
source(udp_net);
destination(network); };