[syslog-ng] Syslog-ng not receiving messages
Martin Holste
mcholste at gmail.com
Wed Nov 17 23:29:31 CET 2010
Hm, maybe a permissions issue with writing? Try putting in
/tmp/somefile as the destination and see if that works. Also, you
should verify that messages are in fact arriving on the server using
tcpdump.
On Wed, Nov 17, 2010 at 3:44 PM, keshava Veerabhadraiah
<mv.keshava at gmail.com> wrote:
> Hi
> I am new to syslog-ng and I have gone through other post to see if I can
> get a resolution to my problem.
> Syslog is not writing to the destination file any messages received on udp()
> or tcp().
> I have made sure that syslog server is receiving the syslog messages as seen
> from the tcpdump
>
>
> 15:09:55.422423 IP 10.140.141.6.syslog > aspsyslog.sungardebs.com.syslog:
> SYSLOG local4.warning, length: 153
> 15:09:55.434638 IP 10.140.141.6.syslog > aspsyslog.sungardebs.com.syslog:
> SYSLOG local4.info, length: 184
> 15:09:55.470383 IP 10.140.141.6.syslog > aspsyslog.sungardebs.com.syslog:
> SYSLOG local4.info, length: 176
> 15:09:55.473519 IP 10.140.141.6.syslog > aspsyslog.sungardebs.com.syslog:
> SYSLOG local4.info, length: 190
> 15:09:55.493361 IP 10.140.141.6.syslog > aspsyslog.sungardebs.com.syslog:
> SYSLOG local4.info, length: 180
> 15:09:55.493748 IP aspsyslog.sungardebs.com.ssh > nim.sungardebs.com.42703:
> P 128608:129696(1088) ack 289 win 461 <nop,nop,timestamp 88706531
> 1310848493>
> 15:09:55.495519 IP 10.140.141.9.syslog > aspsyslog.sungardebs.com.syslog:
> SYSLOG local4.info, length: 188
> 15:09:55.495548 IP 10.140.141.9.syslog > aspsyslog.sungardebs.com.syslog:
> SYSLOG local4.debug, length: 90
> 15:09:55.495556 IP 10.140.141.9.syslog > aspsyslog.sungardebs.com.syslog:
> SYSLOG local4.debug, length: 85
> 15:09:55.521115 IP 10.140.141.6.syslog > aspsyslog.sungardebs.com.syslog:
> SYSLOG local4.debug, length: 87
> 15:09:55.521188 IP 10.140.141.6.syslog > aspsyslog.sungardebs.com.syslog:
> SYSLOG local4.info, length: 188
> 15:09:55.522041 IP 10.140.141.6.syslog > aspsyslog.sungardebs.com.syslog:
> SYSLOG local4.info, length: 175
> 15:09:55.522212 IP 10.140.141.7.syslog > aspsyslog.sungardebs.com.syslog:
> SYSLOG local4.info, length: 164
>
>
>
> Here is how my syslog-ng config looks.
>
> @version: 3.0
> #Default configuration file for syslog-ng.
> #
> # For a description of syslog-ng configuration file directives, please read
> # the syslog-ng Administrator's guide at:
> #
> # http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/bk01-toc.html
> #
>
> options {
> chain_hostnames(no);
> create_dirs (no);
> dir_perm(0755);
> dns_cache(no);
> keep_hostname(yes);
> log_fifo_size(2048);
> log_msg_size(1024);
> log_iw_size (500);
> long_hostnames(on);
> perm(0644);
> stats_freq(3600);
> flush_lines(100);
> time_reopen (10);
> use_dns(no);
> use_fqdn(yes);
> # max_connections(100);
>
> };
>
> source s_all {
> udp(so_rcvbuf(2048576));
> tcp();
> unix-stream("/dev/log");
> internal();
> file("/proc/kmsg");
> };
>
> destination d_file_normal {file("/var/log/messages_syslog-ng.log"); };
>
> log { source(s_all); destination (d_file_normal); };
>
>
> Any help would be greatly appreciated.
>
> Thanks
>
>
>
>
>
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.campin.net/syslog-ng/faq.html
>
>
>
More information about the syslog-ng
mailing list