[syslog-ng] syslog-ng unable to starts

Andreas Kurz andreas.kurz at gmail.com
Sun Aug 26 14:09:15 CEST 2007 

On 8/24/07, mailing list <sunlist at yahoo.com> wrote:
> Basically, I just installed syslog-ng on my server (server1) and I want this
> server to be the main log server.
>
> - Do I need to replace all the "destination" portion with "source" to allow
> server1 to be the main log server? and other servers to forward their logs to

No, but you can remove the "destination loghost" entry on server1 as
there should be no need to  send local messages on server1 to itself
again on the network.

> server1 with
>
> destination loghost {
>         tcp(server1.domain.com port(5140));
> };
>

You need a network source entry on server1 like:

source loghost { tcp( ip(w.x.y.z) port(5140)); };

and add "source (loghost);" to your log entries on server1.

... and the remote hosts need a destination entry like:

destination loghost {
       tcp("w.x.y.z"  port(5140));
};


> - Next, don't I need to open up port 5140 for syslog-ng?  which I did in
> /etc/services (and rehup inetd) and configure it in my firewall but it seems
> 5140 is still not open...
>
> $ telnet 127.0.0.1 5140
> Trying 127.0.0.1...
> telnet: Unable to connect to remote host: Connection refused

If you inlcude the tcp source entry in your syslog-ng config,
syslog-ng will open&listen to the defined port .... no need for inetd,
of course firewalls have to be adopted.

I recommend reading the documentation on:
http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/index.html
... it includes a lot of useful examples.

Regards,
Andreas

> My goal is to setup server1 to be the main log server, and other servers to
> forward their logs onto server1.
>
> Thanks.
>
> -- Mike
>
>
>
>
>
> ____________________________________________________________________________________
> Need a vacation? Get great deals
> to amazing places on Yahoo! Travel.
> http://travel.yahoo.com/
> _______________________________________________
> syslog-ng maillist  -  syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
>

More information about the syslog-ng mailing list