[syslog-ng] line of sendmail log output missing?

Centyx Centalix centyx at centyx.net
Fri May 4 16:25:53 CEST 2007 

Hi,

I recently switched from syslogd to syslog-ng on several servers running
CentOS. While running syslogd, a usual mail delivery appeared in
/var/log/maillog as follows:

Apr 22 04:11:07 ws01 sendmail[32181]: l3M8B71l032181: from=<someuser at someremote.domain>, size=2361, class=0, nrcpts=1, msgid=<001901c784c6$9688fea0$018ab484 at maison9tm8hfuv>, proto=ESMTP, relay=root at localhost
Apr 22 04:11:07 ws01 sendmail[32179]: l3M8Av5T032164: to=<domain_support at somelocal.domain>, delay=00:00:04, xdelay=00:00:00, mailer=virthostmail, pri=121926, relay=somelocal.domain, dsn=2.0.0, stat=Sent (l3M8B71l032181 Message accepted for delivery)
Apr 22 04:11:07 ws01 spamd[24594]: spamd: connection from localhost.localdomain [127.0.0.1] at port 50252 
Apr 22 04:11:07 ws01 spamd[24594]: spamd: setuid to domain_admin at somelocal.domain succeeded 
Apr 22 04:11:07 ws01 spamd[24594]: spamd: processing message <001901c784c6$9688fea0$018ab484 at maison9tm8hfuv> for domain_admin at somelocal.domain:22003 
Apr 22 04:11:08 ws01 spamd[24594]: spamd: identified spam (18.5/4.0) for domain_admin at somelocal.domain:22003 in 1.3 seconds, 2646 bytes. 
Apr 22 04:11:08 ws01 spamd[24594]: spamd: result: Y 18 - BAYES_99,HELO_DYNAMIC_IPADDR2,HELO_DYNAMIC_SPLIT_IP,HTML_MESSAGE,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_NJABL_DUL,RCVD_IN_SORBS_DUL scantime=1.3,size=2646,user=domain_admin at somelocal.com,uid=22003,required_score=4.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=50252,mid=<001901c784c6$9688fea0$018ab484 at maison9tm8hfuv>,bayes=1,autolearn=spam 
Apr 22 04:11:08 ws01 spamd[4109]: prefork: child states: BI 
Apr 22 04:11:08 ws01 spamd[4109]: spamd: handled cleanup of child pid 24594 due to SIGCHLD 
Apr 22 04:11:08 ws01 spamd[4109]: spamd: server successfully spawned child process, pid 32189 
Apr 22 04:11:08 ws01 spamd[4109]: prefork: child states: II 
Apr 22 04:11:08 ws01 sendmail[32182]: l3M8B71l032181: to=domain_admin, delay=00:00:01, xdelay=00:00:01, mailer=local, pri=32547, dsn=2.0.0, stat=Sent

Now, after replacing syslogd with syslog-ng, the last line showing the
delivery by the local mailer ( in this case, procmail ) is absent from
the log files. I have made sure that levels info through emergency are
specified for facility mail, and have also checked to see if this
message was showing up under any other facility ( although I have not
explicity defined the levels for all facilities ).

I am rather stumped about where this line of log output is going. Any
suggestions would be greatly appreciated.

-- 
We're all in this together.

More information about the syslog-ng mailing list