[syslog-ng] Syslog-NG RFC
Ivan Adji - Krstev
akivanradix at gmail.com
Tue May 17 13:44:55 CEST 2016
On 05/17/2016 01:22 PM, Ivan Adji - Krstev wrote:
> Hi Robert,
> Everything is placed as it is. I have put the server and the client in
> the networ() part the *flags* and still nothing. No template in use.
>
> Here is the configuration of the server:
>
> options {
> flush_lines (0);
> time_reopen (10);
> log_fifo_size (1000);
> chain_hostnames (off);
> use_dns (no);
> use_fqdn (no);
> create_dirs (no);
> keep_hostname (yes);
> };
>
> source s_sys {
> system();
> internal();
> network(ip(0.0.0.0) port(6514)
> flags(syslog-protocol)
> transport("tls")
> tls(key_file("/etc/syslog-ng/cert.d/serverkey.pem")
> cert_file("/etc/syslog-ng/cert.d/servercert.pem")
> ca_dir("/etc/syslog-ng/ca.d")
> ) );
>
> };
>
> destination d_mongodb {
> mongodb(
> servers("localhost:27017")
> database("syslog")
> username("test")
> password("test123")
> collection("messages")
> value-pairs(
> scope("selected-macros" "nv-pairs" "sdata")
> )
> );
> };
>
>
> And here it is on the client site:
>
> options {
> flush_lines (0);
> time_reopen (10);
> log_fifo_size (1000);
> chain_hostnames (off);
> use_dns (no);
> use_fqdn (no);
> create_dirs (no);
> keep_hostname (yes);
> };
>
> source s_sys {
> system();
> internal();
> # udp(ip(0.0.0.0) port(514));
> };
>
>
> destination tls_destination {
> network("x.x.x.x" port(6514)
> flags(syslog-protocol)
> transport("tls")
> tls( ca_dir("/etc/syslog-ng/ca.d")
> key_file("/etc/syslog-ng/cert.d/clientkey.pem")
> cert_file("/etc/syslog-ng/cert.d/clientcert.pem") )
> );
> };
>
>
> And i have use the same configuration with MySQL and works perfect now
> i have problems with MongoDB.
>
> Kind regards
> Ivan
>
>
> On 05/17/2016 01:10 PM, Fekete, Róbert wrote:
>> Hi,
>>
>> The protocols used in the syslog-ng clients and the syslog-ng server
>> should match.
>> You posted a source that uses the network() driver - I take this is
>> from your server.
>> The destination on your client should also use the network() driver,
>> and that's where you need the flags(syslog-protocol).
>>
>> Also check your client config to see if it uses a custom template
>> that messes with the message format.
>>
>> Robert
>>
>>
>>
>> On Tue, May 17, 2016 at 10:49 AM, Ivan Adji - Krstev
>> <akivanradix at gmail.com <mailto:akivanradix at gmail.com>> wrote:
>>
>> Any way i put it where i can and on a client but still nothing.
>>
>> Any other hints ?
>>
>> Ivan
>>
>> On 05/17/2016 10:31 AM, Fabien Wernli wrote:
>>> Hi,
>>>
>>> On Tue, May 17, 2016 at 10:11:27AM +0200, Ivan Adji - Krstev wrote:
>>>> some RFC model 5424. Is there an option to configure the syslog-ng to
>>>> send this messages in that RFC format ?
>>> Add `flags(syslog-protocol)` to the network destination
>>>
>>> ______________________________________________________________________________
>>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>>> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
>>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>>
>>
>>
>> ______________________________________________________________________________
>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Documentation:
>> http://www.balabit.com/support/documentation/?product=syslog-ng
>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>
>>
>>
>>
>>
>> ______________________________________________________________________________
>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20160517/50508ce8/attachment.htm
More information about the syslog-ng
mailing list