[syslog-ng] syslog-ng 2.0.5 dropped messages - totally confused
Balazs Scheidler
bazsi at balabit.hu
Thu Mar 13 11:11:15 CET 2008
On Wed, 2008-03-12 at 09:36 -0700, Evan Rempel wrote:
> Balazs Scheidler wrote:
> > On Wed, 2008-03-05 at 11:50 -0800, Evan Rempel wrote:
> >> Please bear with me. This is a little involved.
> >
> > I know about one possible bug that might explain this: as long as the
> > _first_ connection to a TCP destination is not established, dropped
> > messages are not counted.
> >
> > E.g. the dropped counter is allocated for a destination when the first
> > connection is established.
> >
> > So if server2 was down when syslog-ng started and server1 was up,
> > syslog-ng might not count dropped messages towards server2 in the
> > initial period.
> >
> > Does that sound possible?
>
>
> It does sound possible, but I can't really confirm this. We have 17 sysadmin making
> changes to 25 different network segments, firewall etc, and on top of that
> we just moved one of our two syslog servers to a different new data center with all of the
> accompanying firewall issues that go with 30 new subnets being rolled out at once :-(
>
> All I really wonder now is "in what version of syslog-ng has/was this issue addressed?"
It was not fixed yet, my collegue diagnosed it in the previous weeks,
but I did not get around to fix that yet.
--
Bazsi
More information about the syslog-ng
mailing list