[syslog-ng] No logging on Snow Leopard except internal

Balazs Scheidler bazsi at balabit.hu
Tue Jan 17 08:58:19 CET 2012


On Mon, 2012-01-16 at 17:07 -0500, Andrew Eberbach wrote:
> Hi
> 
> Yeah I figured as much. I guessed that Darwin would be FreeBSD-ish so
> I added that to the script but it didn't work. On OSX there's no
> /dev/log. I did an lsof|grep syslogd to see what it had open:
> 
> /var/run/asl_input
> /var/run/syslog
> /dev/klog
> 
> But none of those seemed to get the log messages. What I ended up
> doing is just forwarding everything through to syslog-ng over UDP from
> normal syslogd but that doesn't seem like it's The Right Way (tm).
> 
> Anyway, thanks for getting back to me. If you do figure out a way to
> do it without having to have both running I'd be interested.

It'd make sense to post what configuration you've tried.

According to the page below [1], it should be:

unix-dgram("/var/run/syslog");

Does that work for you?

[1] http://72.14.189.113/howto/logging/syslog-ng/

> 
> 
> Thanks,
> Andrew
> 
> 
> On Mon, Jan 16, 2012 at 4:59 PM, Balazs Scheidler <bazsi at balabit.hu> wrote:
> > On Mon, 2012-01-16 at 10:54 -0500, Andrew Eberbach wrote:
> >> Hi
> >>
> >> I'm trying to get syslog-ng working on snow leopard but when it starts
> >> all I get is internal messages. Using logger to send a message won't
> >> work nor will using another program. Both work with normal syslogd
> >> (which I have turned off so as not to conflict). I've also tried
> >> loggen -D localhost 514 and loggen -i localhost 514 to no avail.
> >> Here's the details:
> >>
> >> #/usr/local/Cellar/syslog-ng/3.2.4/sbin/syslog-ng -V
> >> syslog-ng 3.2.4
> >> Installer-Version: 3.2.4
> >> Revision: ssh+git://bazsi@git.balabit//var/scm/git/syslog-ng/syslog-ng-ose--mainline--3.2#master#ef7b91e4a1b1f9628c66138b4ae83de7e4c697c6
> >> Compile-Date: Jan 16 2012 05:44:25
> >> Enable-Threads: off
> >> Enable-Debug: off
> >> Enable-GProf: off
> >> Enable-Memtrace: off
> >> Enable-Sun-STREAMS: off
> >> Enable-IPv6: on
> >> Enable-Spoof-Source: off
> >> Enable-TCP-Wrapper: on
> >> Enable-SSL: on
> >> Enable-SQL: off
> >> Enable-Linux-Caps: off
> >> Enable-Pcre: on
> >> Enable-Pacct: off
> >>
> >> and here's the config
> >>
> >> #cat syslog-ng.conf
> >> #############################################################################
> >> # Default syslog-ng.conf file which collects all local logs into a
> >> # single file called /var/log/messages.
> >> #
> >>
> >> @version: 3.2
> >> @include "scl.conf"
> >>
> >> source s_local {
> >>       system();
> >
> > I'm not sure the system() macro supports Darwin, it is just executing a
> > shell script, which outputs the configuration snippet to be used by
> > syslog-ng itself.
> >
> > The script is installed
> > $prefix/share/syslog-ng/include/scl/system/generate-system-source.sh
> >
> > Now as I've checked, it doesn't support Darwin, so no wonder it doesn't
> > work there.
> >
> > IIRC MacOS uses unix-dgram() for its /dev/log device, but I'm not
> > absolutely certain.
> >
> > --
> > Bazsi
> >
> >
> > ______________________________________________________________________________
> > Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> > Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> > FAQ: http://www.balabit.com/wiki/syslog-ng-faq
> >
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
> 
> 

-- 
Bazsi




More information about the syslog-ng mailing list