[syslog-ng] UDP packet loss with syslog-ng
Lars Kellogg-Stedman
lars at oddbit.com
Fri Oct 15 22:54:03 CEST 2010
> the time. A great sanity check is to use nc -l 514 -u >
> /some/out/file
Right, I did that...as I described in the message.
> how many were received. If that's looking good, I recommend running
> tcpdump/wireshark to find the rate of DNS lookups from the box.
I'll take a look. I'm coming from a single host, and I do have dns
caching enabled, so I would be surprised if this is the problem. As a
first step I may just disable DNS and see if that has any impact on
the problem.
> two. A full answer would require seeing the values of your output
> templates.
template t_daily_log {
template("$FULLHOST_FROM $YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC
[$FACILITY:$LEVEL] [$PROGRAM:$PID] $MSG\n");
};
template t_host_log {
template("$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC [$FACILITY:$LEVEL]
[$PROGRAM:$PID] $MSG\n");
};
More information about the syslog-ng
mailing list