[syslog-ng] [Bug 154] New: Processes forked via program() do not properly terminate

bugzilla at bugzilla.balabit.com bugzilla at bugzilla.balabit.com
Fri Dec 16 15:56:55 CET 2011


https://bugzilla.balabit.com/show_bug.cgi?id=154

           Summary: Processes forked via program() do not properly terminate
           Product: syslog-ng
           Version: 3.2.x
          Platform: Other
        OS/Version: Solaris
            Status: NEW
          Severity: normal
          Priority: unspecified
         Component: syslog-ng
        AssignedTo: bazsi at balabit.hu
        ReportedBy: hendrik.volker at de.verizonbusiness.com
Type of the Report: ---
   Estimated Hours: 0.0


I am using a SyslogNG 3.2.4 build for our company internal version of Solaris 10 on some SUN V245 SPARC servers.

In a project I am using the following config:

---8<---
source s_whsvoipgwv2_ngrep_bge1 {
        program (
                "/prod/tools/ngrep -d bge1 -t -q -W single SIP port 5060"
                flags (no-parse) 
                tags ("IF1")
                );
};

parser p_whsvoipgwv2_ngrep {
        csv-parser (
                columns ("NGREP.PROTO", "NGREP.DATE", "NGREP.TIME",
                        "NGREP.SRCADDR", "NGREP.DUMMY", "NGREP.DSTADDR", 
                        "NGREP.MSG"
                )
                flags (drop-invalid, escape-none, greedy, strip-whitespace)
                delimiters (" ")
        );
};

template t_whsvoipgwv2_ngrep {
        template (
                "$MONTH_ABBREV $DAY ${NGREP.TIME} $HOST ${NGREP.PROTO} ${NGREP.SRCADDR} ${NGREP.DSTADDR} ${NGREP.MSG}\n"
        );
};

destination d_whsvoipgwv2_sip_voipslp {
        file ("/var/home/voipslp/sip/sip.$YEAR$MONTH$DAY$HOUR.log"
                owner("voipslp") group("voipsl") perm(0644)
                template(t_whsvoipgwv2_ngrep)
        );
};

log {
        source(s_whsvoipgwv2_ngrep_bge1);   
        parser(p_whsvoipgwv2_ngrep);
        destination(d_whsvoipgwv2_sip_voipslp); 
        flags (final);
};
---8<---

With the log file rotation every hour it seems that SyslogNG is starting new instances of ngrep, while not terminating the old instances. This results in lots of running but unused ngreps.

