[syslog-ng] Why Syslog-NG can't start?
Czanik, Péter
peter.czanik at balabit.com
Mon Jun 19 11:36:56 UTC 2017
Hi,
I don't see any suspicious just by reading the config. But you can use
"syslog-ng -s" to check if the syntax you use is correct. If it is,
you should check /var/log/audit/audit.log if there is a SELinux rule,
which blocks syslog-ng.
Bye,
Peter Czanik (CzP) <peter.czanik at balabit.com>
Balabit / syslog-ng upstream
https://www.balabit.com/blog/author/peterczanik/
https://twitter.com/PCzanik
On Mon, Jun 19, 2017 at 10:43 AM, 'Jason Long' via SYSLOG-NG
<syslog-ng at balabit.com> wrote:
> Hello.
> I installed Syslog-NG on CentOS 7 x64 and my configuration is :
>
>
>
> @version:3.5
> @include "scl.conf"
>
> # syslog-ng configuration file.
> #
> # This should behave pretty much like the original syslog on RedHat. But
> # it could be configured a lot smarter.
> #
> # See syslog-ng(8) and syslog-ng.conf(5) for more information.
> #
> # Note: it also sources additional configuration files (*.conf)
> # located in /etc/syslog-ng/conf.d/
>
> options {
> flush_lines (0);
> time_reopen (10);
> log_fifo_size (1000);
> long_hostnames (off);
> use_dns (no);
> use_fqdn (no);
> create_dirs (no);
> keep_hostname (yes);
> ts_format(iso);
> encoding(UTF-8);
> };
>
> source s_netsyslog {
> udp(ip(0.0.0.0) port(514) flags(no-hostname));
> tcp(ip(0.0.0.0) port(514) flags(no-hostname));
> };
>
> destination d_netsyslog { file("/var/log/network.log" owner("root") group("root") perm(0644)); };
> destination d_separatedbyhosts{file("/var/log/$HOST/messages" owner("root") group("root") perm(0655) dir_perm(0755) create_dirs(yes));
> };
>
>
> log { source(s_netsyslog); destination(d_separatedbyhosts); };
>
> # Source additional configuration files (.conf extension only)
> @include "/etc/syslog-ng/conf.d/*.conf"
>
>
> # vim:ft=syslog-ng:ai:si:ts=4:sw=4:et:
>
>
>
>
>
> But my Syslog-NG can't start and give me below error:
>
> # systemctl status syslog-ng.service
> ● syslog-ng.service - System Logger Daemon
> Loaded: loaded (/usr/lib/systemd/system/syslog-ng.service; enabled; vendor preset: enabled)
> Active: failed (Result: start-limit) since Mon 2017-06-19 05:33:42 EDT; 32s ago
> Docs: man:syslog-ng(8)
> Process: 20920 ExecStart=/usr/sbin/syslog-ng -F -p /var/run/syslogd.pid (code=exited, status=1/FAILURE)
> Main PID: 20920 (code=exited, status=1/FAILURE)
> Status: "Starting up... (Mon Jun 19 05:33:41 2017"
>
> Jun 19 05:33:41 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
> Jun 19 05:33:41 localhost.localdomain systemd[1]: syslog-ng.service failed.
> Jun 19 05:33:42 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
> Jun 19 05:33:42 localhost.localdomain systemd[1]: start request repeated too quickly for syslog-ng.service
> Jun 19 05:33:42 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
> Jun 19 05:33:42 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
> Jun 19 05:33:42 localhost.localdomain systemd[1]: syslog-ng.service failed.
> Jun 19 05:33:42 localhost.localdomain systemd[1]: start request repeated too quickly for syslog-ng.service
> Jun 19 05:33:42 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
>
> Jun 19 05:33:42 localhost.localdomain systemd[1]: syslog-ng.service failed.
>
> How can I solve it?
>
> Thank you.
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
More information about the syslog-ng
mailing list