[syslog-ng]Cannot get sun-stream to work
Nate Campi
syslog-ng@lists.balabit.hu
Tue, 13 Jan 2004 14:37:49 -0800
On Tue, Jan 13, 2004 at 02:24:51PM -0800, Chance Ellis wrote:
> I am running syslog-ng v. on Solaris 8.
>
> Below is my config file. I am not able to see messages
> coming in off the wire. If I run syslogd the messages
> are logged properly.
>
> Any help is appreciated.
>
> --------Begin config-------------
>
> options { long_hostnames(off); sync(0); };
> source src { sun-stream("/dev/log"
> door("/etc/.syslog_door")); internal(); };
> source net { udp(); };
> destination console { usertty("root"); };
> destination 10-1-1-5 { file("/var/log/10-1-1-5"); };
> filter f_10-1-1-5 { host("hostname") and
> match("something"); };
> log { source(src); destination(console); };
> log { source(src); filter(f_10-1-1-5);
> destination(10-1-1-5); };
You don't have any log statements using the net source. Merge your net
and net sources into one, or add a log statement logging the net source.
I'd change this:
-- snip --
source src {
sun-stream("/dev/log" door("/etc/.syslog_door"));
internal();
};
source net { udp(); };
-- snip --
...to this:
-- snip --
source src {
sun-stream("/dev/log" door("/etc/.syslog_door"));
internal();
udp();
};
-- snip --
Now your log statements catch all your input, which is what you seem to
expect.
--
Nate
"Get your facts first, and then you can distort them as much as you
please." - Samuel Clemens