[syslog-ng] syslog-ng not logging
fico gid
ficohertz at gmail.com
Fri Sep 30 02:51:37 CEST 2005
Hi Again,
Below is the whole syslog-ng.conf file . Yes, it is not separating as
in /host/somehost/year/month/day ..
--
## syslog-ng
source remote {
unix-stream("/var/run/log"); internal(); pipe("/dev/klog");
udp(ip(157.1.1.13) port(514));
tcp(ip(157.1.1.13) port(514) keep-alive(yes));
};
destination std {
file("/var/log/hosts/$HOST/$YEAR/$MONTH/$DAY/$FACILITY" owner(root) grou
p(root)
perm(0644) dir_perm(0755) create_dirs(yes));
};
log {
source(remote);
destination(std);
};
destination authlog { file("/var/log/auth.log"); };
destination cron { file("/var/log/cron.log"); };
destination debug { file("/var/log/debug.log"); };
destination kern { file("/var/log/kern.log"); };
destination user { file("/var/log/userlog"); };
# This files are the log come from the mail subsystem.
#
destination maillog { file("/var/log/maillog"); };
destination security { file("/var/log/security"); };
destination messages { file("/var/log/messages"); };
--
Let me know if you need more info,
fico
On 9/27/05, catenate <infosec at gmail.com> wrote:
>
>
> On 9/26/05, fico gid <ficohertz at gmail.com> wrote:
> > Hi Catenate,
> >
> > From the tcpdump i can see the packets coming into the syslog server
> > but apparently it is not sorting out properly. It goes to the default
> > directory differentiated by only date and not hostname.
> >
> > What could be the problem ?
>
> What exactly is happening - you mean it logs to your destinations like
> /var/log/kern.log or that it logs to files below /var/log/hosts but not
> separated by hostname? Initially you said nothing was being logged at all.
> Please be specific.
>
> Also, is that really your whole syslog-ng config file? Go ahead and send
> the whole thing, assuming it's not more than a few hundred lines.
>
>
>
More information about the syslog-ng
mailing list