[syslog-ng] Syslog UDP extra packet?
Syslog Beginner
syslogbeginner at gmail.com
Thu Dec 10 03:28:47 CET 2009
Hello Syslog Experts,
I have a question on the syslog-ng. I use syslog-ng 3.0.2. I tried to setup
syslog-ng to forward syslog messages to other host. I tested 2 destination
driver, udp() and syslog() as per below.
test 1: udp("10.x.x.x" port(514))
test 2: syslog("10.x.x.x" transport("udp") port(514));
I found that with udp() driver, syslog-ng just forwards the incoming log
messages to external host. No problem. However, with the syslog() driver, I
found that syslog-ng generate 2 udp packets
packet1... contains only 4 bytes in payload, I think this is message
length??
packet2... is the actual syslog udp packet.
Is it possible to disable the first packet? this just create the overhead
unnecessarily? Please advise. Thanks.
Cheers,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20091210/71d60967/attachment.htm
More information about the syslog-ng
mailing list