[syslog-ng] Solaris 10_x86 server.

sramesh.kumar at wipro.com sramesh.kumar at wipro.com
Wed Apr 27 11:07:17 CEST 2011 

Hi Zoltan,

 

Thanks to your mail... But I am getting below error....in solaris10 os. Please suggest.

 

bash-3.00# /usr/local/sbin/syslog-ng -d -f /etc/syslog-ng/syslog-ng.conf

Error opening file for reading; filename='/proc/kmsg', error='No such file or directory (2)'

Error initializing source driver; source='s_sys'

\bash-3.00# ls -l /proc/kmsg

/proc/kmsg: No such file or directory

bash-3.00#

 

From: Zoltán Pallagi [mailto:pzolee at balabit.hu] 
Sent: Wednesday, April 27, 2011 1:57 PM
To: Syslog-ng users' and developers' mailing list
Cc: SRamesh Kumar (WI01 - Manage IT)
Subject: Re: [syslog-ng] Solaris 10_x86 server.

 

Hi,

If you start syslog-ng in debug mode (syslog-ng -Fevd) it will complain about the problems.

I've fixed your configuration, the problems were the following:
-sun-stream -> sun-streams
-created_dirs was given for destinations, it's only a global option

Also, you shouldn't declare the same source twice (sun-streams("dev/log")), you can use a source in several log path. E.g.:
log { 
source(s_ext);
source(s_sys);
destination(d_ext); };
--------------------------------------------
Fixed config:

@version: 4.0
options {
sync (0);
time_reopen (10);
log_fifo_size (1000);
long_hostnames (off);
use_dns (no);
use_fqdn (no);
create_dirs (yes);
keep_hostname (yes);
};

source s_sys {
file ("/proc/kmsg" log_prefix("kernel: "));
sun-streams ("/dev/log");
internal();
};

 

# External Source

source s_ext

{
# Standard Syslog
udp(); # All interfaces
tcp(); # All interfaces on tcp port
sun-streams("/dev/log"); # you should remove it and use the s_sys source in the proper log path
};

destination d_cons { file("/dev/console"); };
destination d_mesg { file("/var/adm/messages"); };
destination d_mail { file("/var/log/syslog"); };
destination d_auth { file("/var/log/authlog"); };
destination d_mlop { usertty("operator"); };
destination d_mlrt { usertty("root"); };
destination d_mlal { usertty("*"); };
destination d_ext

{

file("/syslog-ng/$HOST/$YEAR/$MONTH/$DAY/$FACILITY$YEAR$MONTH$DAY" \
owner(root) group(root) perm(0650) dir_perm(0750));

};

 

filter f_filter1   { level(err) or

                     (level(notice) and facility (auth, kern)); };

filter f_filter2   { level(err) or

                     (facility(kern) and level(notice)) or

                     (facility(daemon) and level(notice)) or

                     (facility(mail) and level(crit)); };

filter f_filter3   { level(alert) or

                     (facility(kern) and level(err)) or

                     (facility(daemon) and level(err)); };

filter f_filter4   { level(alert); };

filter f_filter5   { level(emerg); };

filter f_filter6   { facility(kern) and level(notice); };

filter f_filter7   { facility(mail) and level(debug); };

filter f_filter8   { facility(user) and level(err); };

filter f_filter9   { facility(user) and level(alert); };

 

log { source(s_sys); filter(f_filter1); destination(d_cons); };

log { source(s_sys); filter(f_filter2); destination(d_mesg); };

log { source(s_sys); filter(f_filter3); destination(d_mlop); };

log { source(s_sys); filter(f_filter4); destination(d_mlrt); };

log { source(s_sys); filter(f_filter5); destination(d_mlal); };

log { source(s_sys); filter(f_filter6); destination(d_auth); };

log { source(s_sys); filter(f_filter7); destination(d_mail); };

log { source(s_sys); filter(f_filter8); destination(d_cons);

                                        destination(d_mesg); };

 

log { source(s_ext); destination(d_ext); };

On 2011-04-27 10:06, sramesh.kumar at wipro.com wrote: 

Hi All,

 

Can any body help me. Please?????

I hve configured syslog-ng in X86 server. Bellow is the configuration.

But Logs are not coming under /syslog-ng folder.....if I am wrong in

bellow configuration, can you Please Provide step by step configuration

Procedure to configure the same...

 

# cat /etc/syslog-ng/syslog-ng.conf

options {

sync (0);

time_reopen (10);

log_fifo_size (1000);

long_hostnames (off);

use_dns (no);

use_fqdn (no);

create_dirs (yes);

keep_hostname (yes);

};

source s_sys {

file ("/proc/kmsg" log_prefix("kernel: "));

sun-stream ("/dev/log");

internal();

};

 

# External Source

source s_ext

 

{

# Standard Syslog

udp(); # All interfaces

tcp(); # All interfaces on tcp port

sun-stream("/dev/log");

};

destination d_cons { file("/dev/console"); };

destination d_mesg { file("/var/adm/messages"); };

destination d_mail { file("/var/log/syslog"); };

destination d_auth { file("/var/log/authlog"); };

destination d_mlop { usertty("operator"); };

destination d_mlrt { usertty("root"); };

destination d_mlal { usertty("*"); };

destination d_ext

{

file("/syslog-ng/$HOST/$YEAR/$MONTH/$DAY/$FACILITY$YEAR$MONTH$DAY" \

owner(root) group(root) perm(0650) dir_perm(0750) create_dirs(yes));

 

create_dirs(yes));

};

 

filter f_filter1   { level(err) or

                     (level(notice) and facility (auth, kern)); };

filter f_filter2   { level(err) or

                     (facility(kern) and level(notice)) or

                     (facility(daemon) and level(notice)) or

                     (facility(mail) and level(crit)); };

filter f_filter3   { level(alert) or

                     (facility(kern) and level(err)) or

                     (facility(daemon) and level(err)); };

filter f_filter4   { level(alert); };

filter f_filter5   { level(emerg); };

filter f_filter6   { facility(kern) and level(notice); };

filter f_filter7   { facility(mail) and level(debug); };

filter f_filter8   { facility(user) and level(err); };

filter f_filter9   { facility(user) and level(alert); };

 

log { source(s_sys); filter(f_filter1); destination(d_cons); };

log { source(s_sys); filter(f_filter2); destination(d_mesg); };

log { source(s_sys); filter(f_filter3); destination(d_mlop); };

log { source(s_sys); filter(f_filter4); destination(d_mlrt); };

log { source(s_sys); filter(f_filter5); destination(d_mlal); };

log { source(s_sys); filter(f_filter6); destination(d_auth); };

log { source(s_sys); filter(f_filter7); destination(d_mail); };

log { source(s_sys); filter(f_filter8); destination(d_cons);

                                        destination(d_mesg); };

 

log { source(s_ext); destination(d_ext); };

# isainfo -kv

64-bit amd64 kernel modules

# cat /etc/release

                       Solaris 10 10/08 s10x_u6wos_07b X86

           Copyright 2008 Sun Microsystems, Inc.  All Rights Reserved.

                        Use is subject to license terms.

                            Assembled 27 October 2008

# pkginfo -l SMCsyslng

   PKGINST:  SMCsyslng

      NAME:  syslogng

  CATEGORY:  application

      ARCH:  x86

   VERSION:  2.0.5

   BASEDIR:  /usr/local

    VENDOR:  BalaBit IT Ltd

    PSTAMP:  Steve Christensen

  INSTDATE:  Apr 20 2011 16:24

     EMAIL:  steve at smc.vnet.net

    STATUS:  completely installed

     FILES:       64 installed pathnames

                   3 shared pathnames

                  15 directories

                   2 executables

                2163 blocks used (approx)

 

 

 

 

 

 

 

 

 

 

 

 

Thanks & Regards,

Ramesh Kumar,

Wipro Infotech Hyderabad,

Mobile: +91 905 221 3330

* : sramesh.kumar at wipro.com

Intensity to Win Act with Sensitivity Unyielding Integrity

 

Please do not print this email unless it is absolutely necessary. 

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. 

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. 

www.wipro.com 

 
 
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.campin.net/syslog-ng/faq.html
 

 


Please do not print this email unless it is absolutely necessary. 

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. 

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. 

www.wipro.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20110427/fa601867/attachment-0001.htm

More information about the syslog-ng mailing list