[syslog-ng] syslog ng open version 3.1.3 does not relay or write to local file
Bentayeb, Julian A.
bentayeb1 at llnl.gov
Wed Jan 19 00:19:33 CET 2011
I have syslog-ng-3.1.3-1.rhel5.i386.rpm open version installed and want syslog clients to send to the syslog-ng server; The intention is to have the server send all logs to a final syslog destination and a keep a copy in a file locally.
The only thing that is working is I am seeing SYSLOG packest via tcpdump.
No messages come to the local file and no messages go to the final destination.
I installed the rpm and there was no mode option (server, relay, client) I could chose.
Your help is appreciated.
Here is the syslog conf I am using:
@version:3.0
#
# Relay all logs to final destination
#
options {
mark_freq(30);
keep_hostname(yes);
};
source s_local { unix-stream("/dev/log"); internal(); };
source s_network { syslog(transport(udp)); };
destination d_syslog_udp {
syslog("xx.xx.xx.xx" transport("udp")
);
};
log { source(s_local); source(s_network);
destination(d_syslog_udp); };
#
# Keep a copy of logs coming over the network locally in a file for Splunk
#
source s_network { syslog(transport(udp));};
destination d_file {
file("/var/log/messages"
);
};
log { source(s_network); destination(d_file); };
Julian Bentayeb
Lawrence Livermore National Laboratory
Information and Communications Systems
925-424-5702
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20110118/54915fcd/attachment.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.gif
Type: image/gif
Size: 70 bytes
Desc: image001.gif
Url : http://lists.balabit.hu/pipermail/syslog-ng/attachments/20110118/54915fcd/attachment.gif
More information about the syslog-ng
mailing list