[syslog-ng] Problems for configure syslog structured as a source
C. L. Martinez
carlopmart at gmail.com
Mon Jun 4 15:54:35 CEST 2012
On Mon, Jun 4, 2012 at 12:27 PM, C. L. Martinez <carlopmart at gmail.com> wrote:
> On Mon, Jun 4, 2012 at 12:23 PM, Gergely Nagy <algernon at balabit.hu> wrote:
>> "C. L. Martinez" <carlopmart at gmail.com> writes:
>>
>>> I am trying to configure syslog-ng to receive syslog messages as
>>> syslog structured (IETF). To accomplish this I have configured:
>>>
>>> source s_ietfsyslog {
>>> syslog (port(20514) transport(tcp));
>>> };
>>>
>>> but no messages are processed by syslog-ng (but messages arrive
>>> from third devices).
>>
>> Can you post the full config? The source itself is correct, but there
>> are many possibilities within other parts of the config where things
>> could go wrong.
>>
>>
>
> @version:3.3
>
>
> #
> # options
> #
> options {
> perm(0644);
> chain_hostnames(off);
> flush_lines(100);
> keep_hostname(yes);
> };
>
> source s_ietfsyslog {
> syslog(ip(172.24.50.2) port(20514) transport(tcp));
> };
>
> destination d_ietflog {
> file("/tmp/test_corr.log");
> };
>
> log {
> source(s_ietfsyslog);
> destination(d_ietflog);
> flags(flow-control,final);
> };
>
> .. and that's all ...
Strange: changing the tcp transport to udp works ... but I didn't see any
difference between a normal log and using the syslog driver ... Does
somebody know why?