[syslog-ng] Having trouble with syslog-ng not continuously pushing logs out a port
Sandor Geller
Sandor.Geller at morganstanley.com
Mon Jun 13 18:42:06 CEST 2011
Hi,
On Fri, Jun 10, 2011 at 9:20 PM, Mike Gracy <mike at idle-games.com> wrote:
> I am trying to use syslog-ng to monitor some files and push anything added
> to the file out to a splunk instance. Everytime syslong-ng starts, there is
> a burst of traffic, but nothing after that.
> I've run it manually in debug mode to see if there is anything, but I don't
> get any output. I'm thinking there is an issue with the config file, but I'm
> not sure what the problem might be.
> I took the stock config file (as it comes from Ubuntu 10.04.2: syslog-ng
> 2.0.9-4.2) and added several sources, filters and log directives all going
> to one destination:
You need the follow_freq() option, in syslog-ng 2.x it isn't enabled
by default for file sources. BTW 2.0.9 is quite an old an no longer
supported version.
Regards,
Sandor
More information about the syslog-ng
mailing list