[syslog-ng] logging to PostgreSQL database
Matthew Hall
mhall at mhcomputing.net
Thu Jan 6 00:41:33 CET 2011
On Thu, Jan 06, 2011 at 12:18:12AM +0100, Janez Barbič wrote:
> Hi Matthew,
>
> I solved it! :)
Wonderful.
> Even though I noticed zeroed out port I paid no attention to it
> because I assumed syslog-ng used default Postgres port. Postgres is
> listening to port 5432 (default), but syslog-ng was sending packets to
> port 0
Normally something like this would not happen, but there have been a
series of odd bugs in the behavior of DB ports for different DBs due to
various syslog-ng vs. DBI interactions that have gone wrong.
> (again, thanks for Wireshark idea).
I used to create network anomaly detection software, so I never believe
anything about socket programming unless I have packet captures or
detailed debug logs. Preferably both, because firewalls and applications
can reject traffic at L3-L7 after the packet capture gets the traffic at
L2.
> So I just pointed syslog-ng to the correct port and it started to
> work.
Good thing it did. Otherwise we would have had to track down another
port bug. Although it's a bug it defaults to port 0 which nobody uses
instead of defaulting to the Postgres port. Maybe you could put this
into Bugzilla?
> I must also say that I am positively surprised by really fast response :)
There's a rule of open source that if you want a prompt response on a
mailing list, you should provide prompt responses to everyone else. I
really try to follow this.
> Best regards,
> Janez Barbic
Regards,
Matthew Hall.
More information about the syslog-ng
mailing list