[syslog-ng]syslog-ng do not work....
Hamilton Andrew
syslog-ng@lists.balabit.hu
Tue, 27 Jan 2004 12:18:24 -0500
This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
------_=_NextPart_001_01C3E4F9.9221C2CB
Content-Type: text/plain;
charset="utf-8"
I would, at the very least, get the latest, which is, I believe, 1.6.1. The
1.4.x line is very old and not nearly as feature rich as 1.6.x.
Drew
-----Original Message-----
From: Alessandro Fiorenzi [mailto:a.fiorenzi@infogroup.it]
Sent: Tuesday, January 27, 2004 11:41 AM
To: Syslog-ng
Subject: RE: [syslog-ng]syslog-ng do not work....
Well I have syslog-ng version 1.4.17, perhaps could be that, infact
dns_cache(yes)
use_time_recvd(yes)
does not go .
Alessandro
On Tue, 2004-01-27 at 17:01, Hamilton Andrew wrote:
What version of syslog-ng are you using?
dnscache(yes) should be dns_cache(yes)
use_time_recvd(true) should be use_time_recvd(yes)
try pipe("/proc/kmsg" log_prefix("kernel: ")); instead of file(...
Regards,
Drew
-----Original Message-----
From: Alessandro Fiorenzi [mailto:a.fiorenzi@infogroup.it]
Sent: Tuesday, January 27, 2004 10:53 AM
To: Syslog-ng
Subject: [syslog-ng]syslog-ng do not work....
Hi, I have set this configuration on central logserver
options {
long_hostnames(off);
sync(0);
log_fifo_size(1000);
dnscache(yes);
use_fqdn(yes);
use_time_recvd(true);
};
source src {
internal();
file("/proc/kmsg" log_prefix("kernel: "));
tcp(ip(192.168.52.100) port(514) max-connections(1000));
udp(ip(0.0.0.0) port(514));
};
but it does not work. The fist errore is on dnscache(yes);, if i remove this
I get the second on use_time_recvd(true);, remove this one I get errore on
file("/proc/kmsg" log_prefix("kernel: ")); .... why?
Thanks
Fiorenzi A.
------------------------------------------------------------------------
INFOGROUP S.P.A http://www.infogroup.it
-------------------------------------------------------------------------
DR. FIORENZI ALESSANDRO
Consulente Tribunale Firenze - sicurezza informatica -
Security Administrator
Socio <file:///home/fiore/signature/www.clusit.it> CLUSIT,
<file:///home/fiore/signature/www.alsi.it> ALSI
Tel : +39.055.43.65.742
CE : +39.335.64.144.77
@Email : a.fiorenzi@infogroup.it
PGP Key: http://www.infogroup.it/ds/fiorenzi.asc
-------------------------------------------------------------------------
"Faber est suae quisque fortunae"
-------------------------------------------------------------------------
------------------------------------------------------------------------
INFOGROUP S.P.A http://www.infogroup.it
-------------------------------------------------------------------------
DR. FIORENZI ALESSANDRO
Consulente Tribunale Firenze - sicurezza informatica -
Security Administrator
Socio <file:///home/fiore/signature/www.clusit.it> CLUSIT,
<file:///home/fiore/signature/www.alsi.it> ALSI
Tel : +39.055.43.65.742
CE : +39.335.64.144.77
@Email : a.fiorenzi@infogroup.it
PGP Key: http://www.infogroup.it/ds/fiorenzi.asc
-------------------------------------------------------------------------
"Faber est suae quisque fortunae"
-------------------------------------------------------------------------
------_=_NextPart_001_01C3E4F9.9221C2CB
Content-Type: text/html;
charset="utf-8"
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=utf-8">
<META content="MSHTML 6.00.2800.1276" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=570321517-27012004><FONT face=Arial color=#0000ff size=2>I
would, at the very least, get the latest, which is, I believe, 1.6.1. The
1.4.x line is very old and not nearly as feature rich as
1.6.x.</FONT></SPAN></DIV>
<DIV><SPAN class=570321517-27012004><FONT face=Arial color=#0000ff
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=570321517-27012004><FONT face=Arial color=#0000ff
size=2>Drew</FONT></SPAN></DIV>
<BLOCKQUOTE>
<DIV class=OutlookMessageHeader dir=ltr align=left><FONT face=Tahoma
size=2>-----Original Message-----<BR><B>From:</B> Alessandro Fiorenzi
[mailto:a.fiorenzi@infogroup.it]<BR><B>Sent:</B> Tuesday, January 27, 2004
11:41 AM<BR><B>To:</B> Syslog-ng<BR><B>Subject:</B> RE: [syslog-ng]syslog-ng
do not work....<BR><BR></FONT></DIV>Well I have syslog-ng version 1.4.17,
perhaps could be that, infact <BR><FONT color=#0000ff
size=2><I>dns_cache(yes)<BR>use_time_recvd(yes)</I></FONT><BR>does not go
.<BR><BR>Alessandro<BR><BR>On Tue, 2004-01-27 at 17:01, Hamilton Andrew wrote:
<BLOCKQUOTE TYPE="CITE"><FONT color=#0000ff size=2><I>What version of
syslog-ng are you using?</FONT><BR><FONT color=#737373></FONT><BR><FONT
color=#0000ff size=2>dnscache(yes) should be dns_cache(yes)</FONT><BR><FONT
color=#737373> </FONT><BR><FONT color=#0000ff
size=2>use_time_recvd(true) should be use_time_recvd(yes)</FONT><BR><FONT
color=#737373> </FONT><BR><FONT color=#0000ff size=2>try
pipe("/proc/kmsg" log_prefix("kernel: ")); instead of
file(...</FONT><BR><FONT color=#737373> </FONT><BR><FONT color=#0000ff
size=2>Regards,</FONT><BR><FONT color=#737373> </FONT><BR><FONT
color=#0000ff size=2>Drew</FONT>
<BLOCKQUOTE><FONT color=#737373 size=2>-----Original
Message-----<BR><B>From:</B> Alessandro Fiorenzi
[mailto:a.fiorenzi@infogroup.it]<BR><B>Sent:</B> Tuesday, January 27, 2004
10:53 AM<BR><B>To:</B> Syslog-ng<BR><B>Subject:</B> [syslog-ng]syslog-ng
do not work....<BR></FONT><BR><FONT color=#737373><BR>Hi, I have set this
configuration on central logserver<BR><BR>options
{<BR>
long_hostnames(off);
<BR>
sync(0);
<BR>
log_fifo_size(1000);<BR>
dnscache(yes);<BR>
use_fqdn(yes);<BR>
use_time_recvd(true);<BR>
};<BR><BR>source src {<BR>
internal();<BR>
file("/proc/kmsg" log_prefix("kernel:
"));<BR> tcp(ip(192.168.52.100)
port(514)
max-connections(1000));<BR>
udp(ip(0.0.0.0) port(514));<BR>
};<BR><BR>but it does not work. The fist errore is on dnscache(yes);, if i
remove this I get the second on use_time_recvd(true);, remove this one I
get errore on file("/proc/kmsg" log_prefix("kernel: ")); ....
why?<BR><BR>Thanks<BR><BR>Fiorenzi A.<BR><BR></I></FONT><BR>
<TABLE cellSpacing=0 cellPadding=0 width="100%">
<TBODY>
<TR></TR>
<TR></TR>
<TR>
<TD>
<TABLE cellSpacing=0 cellPadding=0 width="100%">
<TBODY>
<TR></TR>
<TR></TR>
<TR>
<TD><FONT
size=3><B>------------------------------------------------------------------------
<ADDRESS>INFOGROUP S.P.A
http://www.infogroup.it
</ADDRESS>-------------------------------------------------------------------------<BR>DR.
FIORENZI ALESSANDRO </B></FONT><BR><BR>Consulente Tribunale
Firenze - sicurezza informatica -<BR>Security Administrator
<BR>Socio <A
href="file:///home/fiore/signature/www.clusit.it"><U>CLUSIT</U></A>,
<A
href="file:///home/fiore/signature/www.alsi.it"><U>ALSI</U></A><BR><BR><BR><BR><BR><BR>
<ADDRESS>Tel : +39.055.43.65.742 <BR>CE : +39.335.64.144.77
<BR>@Email : a.fiorenzi@infogroup.it <BR>PGP Key:
http://www.infogroup.it/ds/fiorenzi.asc</ADDRESS><FONT
size=3><I>-------------------------------------------------------------------------<BR>
<B>"Faber est suae quisque fortunae"
</B><BR>-------------------------------------------------------------------------</I></FONT>
</TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></BLOCKQUOTE></BLOCKQUOTE>
<TABLE cellSpacing=0 cellPadding=0 width="100%">
<TBODY>
<TR>
<TD>
<TABLE cellSpacing=0 cellPadding=0 width="100%">
<TBODY>
<TR>
<TD><FONT
size=3><B>------------------------------------------------------------------------
<ADDRESS>INFOGROUP S.P.A
http://www.infogroup.it
</ADDRESS>-------------------------------------------------------------------------<BR>DR.
FIORENZI ALESSANDRO </B></FONT><BR><BR>Consulente Tribunale
Firenze - sicurezza informatica -<BR>Security Administrator
<BR>Socio <A
href="file:///home/fiore/signature/www.clusit.it"><U>CLUSIT</U></A>,
<A
href="file:///home/fiore/signature/www.alsi.it"><U>ALSI</U></A><BR><BR><BR><BR><BR>
<ADDRESS>Tel : +39.055.43.65.742 <BR>CE : +39.335.64.144.77
<BR>@Email : a.fiorenzi@infogroup.it <BR>PGP Key:
http://www.infogroup.it/ds/fiorenzi.asc</ADDRESS><FONT
size=3><I>-------------------------------------------------------------------------<BR>
<B>"Faber est suae quisque fortunae"
</B><BR>-------------------------------------------------------------------------</I></FONT>
</TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE><BR><BR></BLOCKQUOTE></BODY></HTML>
------_=_NextPart_001_01C3E4F9.9221C2CB--