[syslog-ng] RE: Syslog-ng not logging anything from Solaris host
Arya, Manish Kumar
m.arya at yahoo.com
Sun Jun 18 03:22:29 CEST 2006
Hi Shah,
I am not sure if syslog-ng config file u sent in
mail is complete (as on ur test box), but if its
really the same file as on server, then i would say u
have not added "destination" and "log" directives to
it. it wont work without these.
-manish
--- "Shah, Maunir" <Maunir.shah at knowles.com> wrote:
> telnet uses tcp, whereas syslogd uses udp by
> default, so the traffic
> might still be blocked by a firewall.
>
> Regarding your response for telnet, we had tcp and
> udp protocol enabled
> for syslog-ng when we tested to make sure firewall
> is not blocking it.
> But, since default solaris syslog uses udp I took
> out tcp to test and no
> logging whatsoever. When I run a snoop on syslog-ng
> server I don't even
> see any kind of packets coming in when I run logger
> -p on the test host.
> Does anyone know if my syslog.conf file on the test
> box is right or
> wrong? Maybe that's what is causing it to not send
> anything.
>
> Thanks
>
>
> Maunir Shah
>
>
>
> ________________________________
>
> From: Shah, Maunir
> Sent: Friday, June 16, 2006 11:37 AM
> To: 'syslog-ng at lists.balabit.hu'
> Subject: Syslog-ng not logging anything from Solaris
> host
>
>
>
> I'm running syslog-ng 1.6.11 on Solaris 10 zone, and
> so far I'm able to
> see logs being created locally but I'm not seeing
> any kind of logging
> from other Solaris host. For my syslog-ng server I
> made sure that I'm
> using udp and for source its door. I've two test
> servers running
> Solaris 8 and 10 that I'm testing from and have
> changed syslog.conf to
> reflect the changes and point all my logs to go to
> syslog-ng. It's not
> the firewall that is blocking it as we are able to
> telnet to port 514
> and whatever you type in the cmd prompt it records
> it on the syslog-ng
> server. I know I'm missing something in the config
> file but not sure
> what I'm doing wrong.
>
>
>
> My syslog-ng.conf file
>
>
>
> source s_dgram
>
> { sun-streams ("/dev/log"
> door("/etc/.syslog_door")); };
>
>
>
> source s_internal
>
> { internal(); };
>
>
>
> #source s_kernel
>
> # { pipe("/proc/kmsg" log_prefix("kernel: ")); };
>
>
>
> #source s_tcp
>
> # { tcp(ip(10.1.100.84)port(514) keep-alive(yes)
> max_connections(100));
> };
>
>
>
> source s_udp
>
> { udp(); };
>
>
>
> Solaris 8 box syslog.conf file
>
>
>
> #ident "@(#)syslog.conf 1.5 98/12/14
> SMI" /* SunOS 5.0 */
>
> #
>
> # Copyright (c) 1991-1998 by Sun Microsystems, Inc.
>
> # All rights reserved.
>
> #
>
> # syslog configuration file.
>
> #
>
> # This file is processed by m4 so be careful to
> quote (`') names
>
> # that match m4 reserved words. Also, within
> ifdef's, arguments
>
> # containing commas must be quoted.
>
> #
>
> *.*
> @loghost
>
>
>
> Maunir Shah
>
> 630-285-5875 - desk
>
> 630-550-6266 - cell
>
>
>
> ******************************* IMPORTANT MESSAGE
> ******************************
> This transmission may contain information that is
> privileged, confidential
> and/or exempt from disclosure under applicable law.
> If you are not the intended
> recipient, you are hereby notified that any
> disclosure, copying, distribution,
> or use of the information contained herein
> (including any reliance thereon) is
> STRICTLY PROHIBITED. If you received this
> transmission in error, please
> immediately contact the sender and destroy the
> material in its entirety, whether
> in electronic or hard copy format. Thank you.
>
********************************************************************************
> > _______________________________________________
> syslog-ng maillist - syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at
> http://www.campin.net/syslog-ng/faq.html
>
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the syslog-ng
mailing list