[syslog-ng] Not able to recive all syslog messages
add gy
addyg420 at yahoo.com
Fri Nov 12 08:41:32 CET 2010
Hi ,
Thanks Sandor for your replay please find outputs
-----------------------------------------------------------------------------------------------------------------
netstat -l -n -p
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:514 0.0.0.0:* LISTEN 21589/syslog-ng
tcp 0 0 0.0.0.0:904 0.0.0.0:* LISTEN 2842/rpc.statd
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 3137/smbd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 2822/portmap
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 3055/vsftpd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 20707/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 3111/sendmail: acce
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 3137/smbd
tcp 0 0 :::80 :::* LISTEN 3175/httpd
tcp 0 0 :::22 :::* LISTEN 3004/sshd
tcp 0 0 :::443 :::* LISTEN 3175/httpd
udp 110400 0 0.0.0.0:514 0.0.0.0:* 21589/syslog-ng
udp 0 0 0.0.0.0:898 0.0.0.0:* 2842/rpc.statd
udp 0 0 0.0.0.0:901 0.0.0.0:* 2842/rpc.statd
udp 0 0 172.16.1.200:137 0.0.0.0:* 3141/nmbd
udp 0 0 202.138.117.51:137 0.0.0.0:* 3141/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:* 3141/nmbd
udp 0 0 172.16.1.200:138 0.0.0.0:* 3141/nmbd
udp 0 0 202.138.117.51:138 0.0.0.0:* 3141/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:* 3141/nmbd
udp 0 0 0.0.0.0:111 0.0.0.0:* 2822/portmap
udp 0 0 0.0.0.0:631 0.0.0.0:* 20707/cupsd
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 2104 1058/minilogd /dev/log
unix 2 [ ACC ] STREAM LISTENING 7998 3164/gpm /dev/gpmctl
unix 2 [ ACC ] STREAM LISTENING 8119 3205/xfs /tmp/.font-unix/fs7100
unix 2 [ ACC ] STREAM LISTENING 6391 2960/acpid /var/run/acpid.socket
unix 2 [ ACC ] STREAM LISTENING 8197 3235/dbus-daemon-1 /var/run/dbus/system_bus_socket
--------------------------------------------------------------------------------------------------------------------------------
lsof -n -P -p 21589
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
syslog-ng 21589 root cwd DIR 253,0 4096 2 /
syslog-ng 21589 root rtd DIR 253,0 4096 2 /
syslog-ng 21589 root txt REG 253,0 140428 1884183 /sbin/syslog-ng
syslog-ng 21589 root mem REG 253,0 22524 6963247 /lib/libnss_dns-2.3.4.so
syslog-ng 21589 root mem REG 253,0 112212 6964079 /lib/ld-2.3.4.so
syslog-ng 21589 root mem REG 253,0 1543220 6964080 /lib/tls/libc-2.3.4.so
syslog-ng 21589 root mem REG 253,0 16748 6964083 /lib/libdl-2.3.4.so
syslog-ng 21589 root mem REG 253,0 214060 6964084 /lib/tls/libm-2.3.4.so
syslog-ng 21589 root mem REG 253,0 107928 6964081 /lib/tls/libpthread-2.3.4.so
syslog-ng 21589 root mem REG 253,0 505200 7813187 /usr/lib/libglib-2.0.so.0.400.7
syslog-ng 21589 root mem REG 253,0 81140 6964095 /lib/libresolv-2.3.4.so
syslog-ng 21589 root mem REG 253,0 101748 6964087 /lib/libnsl-2.3.4.so
syslog-ng 21589 root mem REG 253,0 28504 7809227 /usr/lib/libwrap.so.0.7.6
syslog-ng 21589 root mem REG 253,0 41392 7807119 /usr/lib/libevtlog.so.0.0.0
syslog-ng 21589 root mem REG 253,0 136308 7807107 /usr/lib/libdbi8.so.0.0.5
syslog-ng 21589 root mem REG 253,0 47420 6963250 /lib/libnss_files-2.3.4.so
syslog-ng 21589 root mem REG 253,0 50716 6964088 /lib/tls/librt-2.3.4.so
syslog-ng 21589 root mem REG 253,0 15440 7813189 /usr/lib/libgthread-2.0.so.0.400.7
syslog-ng 21589 root 0r CHR 1,3 2174 /dev/null
syslog-ng 21589 root 1w CHR 1,3 2174 /dev/null
syslog-ng 21589 root 2w CHR 1,3 2174 /dev/null
syslog-ng 21589 root 3r FIFO 0,7 600630 pipe
syslog-ng 21589 root 4w FIFO 0,7 600630 pipe
syslog-ng 21589 root 5u IPv4 600631 TCP *:514 (LISTEN)
syslog-ng 21589 root 6u IPv4 600632 UDP *:514
syslog-ng 21589 root 7w REG 253,0 166729 3654854 /var/log/syslog-ng.log
syslog-ng 21589 root 8u IPv4 601698 TCP 172.16.1.200:514->172.16.1.48:4189 (CLOSE_WAIT)
syslog-ng 21589 root 9w REG 253,0 208821114 3752054 /var/log/syslog-ng/172.16.16.13/messages
syslog-ng 21589 root 10u REG 253,0 42205502 3833896 /var/log/syslog-ng/MUM4S01LBF5640ISA02/messages
syslog-ng 21589 root 11u REG 253,0 46530 6964157 /var/log/syslog-ng/172.16.16.19/messages
syslog-ng 21589 root 12w REG 253,0 2123 7389223 /var/log/syslog-ng/172.16.16.212/messages
syslog-ng 21589 root 13u REG 253,0 103030 6438998 /var/log/syslog-ng/1/messages
syslog-ng 21589 root 14w IPv4 601704 UDP 202.138.117.51:51455->202.138.96.2:53
syslog-ng 21589 root 19u REG 253,0 102774 5259345 /var/log/syslog-ng/220.226.204.56/messages
-----------------------------------------------------------------------------------------------------------------------------
Some sample proof that the messages actually reach server
Nov 11 00:34:27 172.16.32.219/172.16.32.219 AppDi11-11-2010 00:49:40 WARNING Farm Super_Trade_1.111 Server 10.65.X.X Port 80 TCP Is Not Responding
Nov 11 00:39:27 172.16.32.219/172.16.32.219 AppDi11-11-2010 00:51:56 WARNING Farm RTrade_New_Feed_Test_10.25 Server 10.65.10.27 Port 80 TCP Is Not Responding
Nov 11 00:40:27 172.16.32.219/172.16.32.219 AppDi11-11-2010 00:52:36 WARNING Farm Farm_10.20 Server 10.65.10.9 Port 80 TCP Is Not Responding
Nov 11 00:42:27 172.16.32.219/172.16.32.219 AppDi11-11-2010 00:55:16 WARNING Farm Farm_10.20 Server 10.65.X.X Port 80 TCP Is Not Responding
Nov 11 00:47:47 172.16.32.219/172.16.32.219 AppDi11-11-2010 00:59:36 INFO Farm Farm_3 Server 10.65.X.X Up
Nov 11 00:48:27 172.16.32.219/172.16.32.219 AppDi11-11-2010 00:59:56 WARNING Farm Farm_4 Server 10.65.X.X Port 80 TCP Is Not Responding
Nov 11 01:09:27 172.16.32.219/172.16.32.219 AppDi11-11-2010 01:23:16 INFO Farm Super_Trade_1.111 Server 10.65.X.X Up
Nov 11 07:30:28 172.16.32.219/172.16.32.219 AppDi11-11-2010 07:49:36 INFO Farm Farm_10.20 Server 10.65.X.X Up
---------------------------------------------------------------------------------------------------------------------------------
Please also review config file. thanks
Regards,
Add
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20101111/9b257db0/attachment-0001.htm
More information about the syslog-ng
mailing list