[syslog-ng]logs are not generated and managed by syslog-ng but it is started properly
jack alex
syslog-ng@lists.balabit.hu
Wed, 9 Mar 2005 01:43:55 -0800 (PST)
Dear All,
I am trying to configure syslog-ng package for
managing logs, but there is some where something wrong
in my configuration such that it is not generatinglogs
below file is quite long
#vi /usr/local/etc/syslog-ng/syslog-ng.conf
code:
options { sync (0);
time_reopen (10);
log_fifo_size (1000);
long_hostnames (on);
use_fqdn (yes);
create_dirs (no);
chain_hostnames(no);
keep_hostname (yes);
perm(0644);
dir_perm(0755);
};
source s_sys { unix-stream ("/dev/log"); internal();
};
source s_udp { udp(); };
source kernel_file { file("/proc/kmsg"); };
destination d_cons {
file("/dev/console"); };
destination d_spol {
file("/var/log/spooler.log"); };
destination d_mesg {
file("/var/log/messages.log"); };
destination d_auth {
file("/var/log/secure.log"); };
destination d_uucp {
file("/var/log/uucp.log"); };
destination d_boot {
file("/var/log/boot.log"); };
destination d_mlal { usertty("*"); };
destination d_kern {
file("/var/log/kernel.log"); };
destination numetrace {
file("/var/log/numetrace.log"); };
destination nume {
file("/var/log/nume.log"); };
destination postgres {
file("/var/log/postgres.log"); };
destination php {
file("/var/log/local2.log"); };
destination boot {
file("/var/log/boot.log"); };
destination cron {
file("/var/log/cron.log"); };
destination daemon {
file("/var/log/daemon.log"); };
destination ftp {
file("/var/log/ftp.log"); };
destination lpr {
file("/var/log/lpr.log"); };
destination mail {
file("/var/log/maillog"); };
destination news {
file("/var/log/news.log"); };
destination syslog {
file("/var/log/syslog.log"); };
destination user {
file("/var/log/user.log"); };
destination local3 {
file("/var/log/local3.log"); };
destination local4 {
file("/var/log/local4.log"); };
destination local5 {
file("/var/log/local5.log"); };
destination local6 {
file("/var/log/local6.log"); };
destination emerg {
file("/var/log/emerg.log"); };
destination crit {
file("/var/log/crit.log"); };
destination alert {
file("/var/log/alert.log"); };
destination err {
file("/var/log/err.log"); };
destination warning {
file("/var/log/warning.log"); };
filter cons { facility(kern); };
filter spooler { facility(uucp) or
(facility(news) and level(crit)); };
filter mesg { level(info, notice, warning,
err, crit, alert, emerg) and facility(kern, uucp,
news, local3, local4, local5, local6, daemon, ftp,
lpr); };
filter auth { facility(authpriv); };
filter emerg { level(emerg); };
filter uucp { facility(uucp); };
filter cron { facility(cron); };
filter kern_debug { facility(kern); };
filter postgres { facility(local0); };
filter nume_trace { facility(local1); };
filter nume { facility(local1) and
level(info, notice, warning, err, crit, alert, emerg);
};
filter php { facility(local2); };
filter local3 { facility(local3); };
filter local4 { facility(local4); };
filter local5 { facility(local5); };
filter local6 { facility(local6); };
filter boot { facility(local7); };
filter daemon { facility(daemon); };
filter ftp { facility(ftp); };
filter lpr { facility(lpr); };
filter mail { facility(mail); };
filter news { facility(news); };
filter syslog { facility(syslog); };
filter user { facility(user); };
filter warning { level(warning); };
filter crit { level(crit, alert, emerg); };
filter alert { level(alert, emerg); };
filter err { level(err, crit, alert, emerg);
};
log { source(s_sys); source(s_udp); filter(cons);
destination(d_cons); };
log { source(s_sys); source(s_udp); filter(mesg);
destination(d_mesg); };
log { source(s_sys); source(s_udp); filter(auth);
destination(d_auth); };
log { source(s_sys); source(s_udp); filter(emerg);
destination(d_mlal); };
log { source(s_sys); source(s_udp); filter(uucp);
destination(d_uucp); };
log { source(s_sys); source(s_udp); filter(boot);
destination(boot); };
log { source(s_sys); source(s_udp); filter(php);
destination(php); };
log { source(s_sys); source(s_udp); filter(postgres);
destination(postgres); };
log { source(s_sys); source(s_udp);
filter(nume_trace); destination(numetrace); };
log { source(s_sys); source(s_udp);
filter(nume); destination(nume); };
log { source(s_sys); source(s_udp);
source(kernel_file); filter(kern_debug);
destination(d_kern); };
log { source(s_sys); source(s_udp); filter(cron);
destination(cron); };
log { source(s_sys); source(s_udp); filter(daemon);
destination(daemon); };
log { source(s_sys); source(s_udp); filter(ftp);
destination(ftp); };
log { source(s_sys); source(s_udp); filter(lpr);
destination(lpr); };
log { source(s_sys); source(s_udp); filter(mail);
destination(mail); };
log { source(s_sys); source(s_udp); filter(news);
destination(news); };
log { source(s_sys); source(s_udp); filter(syslog);
destination(syslog); };
log { source(s_sys); source(s_udp); filter(user);
destination(user); };
log { source(s_sys); source(s_udp); filter(local3);
destination(local3); };
log { source(s_sys); source(s_udp); filter(local4);
destination(local4); };
log { source(s_sys); source(s_udp); filter(local5);
destination(local5); };
log { source(s_sys); source(s_udp); filter(local6);
destination(local6); };
log { source(s_sys); source(s_udp); filter(spooler);
destination(d_spol); };
log { source(s_sys); source(s_udp); filter(emerg);
destination(emerg); };
log { source(s_sys); source(s_udp); filter(crit);
destination(crit); };
log { source(s_sys); source(s_udp); filter(alert);
destination(alert); };
log { source(s_sys); source(s_udp); filter(err);
destination(err); };
log { source(s_sys); source(s_udp); filter(warning);
destination(warning); };
filter ext_filter { level(warning) or level(err) or
level(alert) or level(crit) or level(emerg) or
facility(authpriv); };
log { source(s_sys); source(s_udp);
source(kernel_file); filter(ext_filter); };
Any guess , why it is not managing log, no new logs
have been added to log directory, as
/var/log/messages doens't contains any new message
after i configured syslog-ng but if i will restart my
syslog(the default that comes with redhat) it will
start adding new logs to /var/log/messages. . ......
-jack
__________________________________
Celebrate Yahoo!'s 10th Birthday!
Yahoo! Netrospective: 100 Moments of the Web
http://birthday.yahoo.com/netrospective/