[syslog-ng] Syslog-ng central logging server

Evan Rempel erempel at uvic.ca
Mon Apr 23 17:35:02 CEST 2007 

The server is not configured to accept any TCP incoming data. You require a source with TCP

source s_tcp { tcp(ip("20.5.68.82") port(514) ); };

The option ip should really read localip but some versions of syslog-ng did not accept this option, so
ip is used.

An then include that in your log configuration on your server.

Evan.

Shamim wrote:
> Server
> -----------------------------
> [root at plggd020 etc]# more syslog-ng.conf
> #sample syslog-ng.conf for a central logging server
> options {
>       sync (0);
>     log_fifo_size (2048);
>     create_dirs (yes);
>     group (root);
>     dir_group (root);
>     perm (0640);
>     dir_perm (0750);
>     };
>   source s_local { internal(); unix-stream("/dev/log"); file("/proc/kmsg" log_prefix("kernel: ")); };
> destination d_auth { file("/var/log/auth.log"); };
> filter f_auth { facility(auth, authpriv); };
>   source s_remote { tcp(); };
> destination d_clients { file("/var/log/HOSTS/$HOST"); };
>   log { source(s_remote); destination(d_clients); };
> log { source(s_local); filter(f_auth); destination(d_auth); };
>   
> Client
> -----------------
>   -bash-3.00# more syslog-ng.conf
> #sample syslog-ng.conf for a remote client
> source s_local { internal(); unix-stream("/dev/log"); file("/proc/kmsg" log_prefix("kernel: ")); };
>   destination d_loghost {tcp("20.5.68.82" port(514));};
> log { source(s_local); destination(d_loghost); };
>   destination messages { file("/var/log/messages-ng"); };
> log {
>         source(s_local);
>         destination(messages);
> };
>   -bash-3.00#
>   And there is no message going to Server 
> However at Client side log files shows the message as below:
>   -bash-3.00# logger "test "
> -bash-3.00# tail /var/log/messages-ng
> Apr 23 08:44:38 s_local at zlggd052 syslog-ng[9935]: syslog-ng starting up; version='2.0.2'
> Apr 23 08:44:38 s_local at zlggd052 syslog-ng[9935]: Connection failed; error='No route to host (113)', time_reopen='60'
> Apr 23 08:45:12 s_local at zlggd052 syslog-ng[9935]: SIGTERM received, terminating;
> Apr 23 08:45:12 s_local at zlggd052 syslog-ng[9935]: syslog-ng shutting down; version='2.0.2'
> Apr 23 08:45:13 s_local at zlggd052 syslog-ng[9945]: syslog-ng starting up; version='2.0.2'
> Apr 23 08:45:13 s_local at zlggd052 syslog-ng[9945]: Connection failed; error='No route to host (113)', time_reopen='60'
> Apr 23 08:45:18 s_local at zlggd052 soetest1: test
> Apr 23 08:46:13 s_local at zlggd052 syslog-ng[9945]: Connection failed; error='No route to host (113)', time_reopen='60'
> Apr 23 08:47:13 s_local at zlggd052 syslog-ng[9945]: Connection failed; error='No route to host (113)', time_reopen='60'
> Apr 23 08:47:46 s_local at zlggd052 soetest1: test
> -bash-3.00#
>    
>    
>   Please suggest what will be the reason.
>    
>   Thanks & Regards
>    
>   
> Shamim
>    
> 
>        
> ---------------------------------
>  Yahoo! Answers - Got a question? Someone out there knows the answer. Tryit now.
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> syslog-ng maillist  -  syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
> 


-- 
Evan Rempel                erempel at uvic.ca
Senior Programmer Analyst        250.721.7691
Computing Services
University of Victoria

More information about the syslog-ng mailing list