[syslog-ng] syslog-ng events in log timestamping wrong
Contreras, Gerald (DPS)
Gerald.Contreras at aph.gov.au
Mon Nov 20 23:29:33 UTC 2017
Hi All,
I am very new to syslog-ng via Cygwin.
I am having trouble with MWG proxy logs where individual events inside the log are being timestamped at the rotation time (timestamping at 00:00-00:01AM).
This happens intermittently so the problem isn't constant. I have verified via packet captures that the timestamp is correct up until syslog-ng begins to handle the event and write it to the log.
My syslog-ng.conf is as follows
===============================================================
@version: 3.2
@include "scl.conf"
options {
create_dirs(yes);
use_dns(yes);
dns_cache_hosts(/etc/hosts);
dns_cache_expire(3600);
chain_hostnames(0);
log_fifo_size(512);
perm(0644);
dir_perm(0755);
time_reopen(10);
time_reap(360);
use_fqdn(no);
keep_hostname(no);
stats_freq(0);
};
source s_network {
udp(port("514"));
};
destination s_files {
file("/cygdrive/d/syslog/$HOST/$HOST-$MONTH-$DAY.log" create_dirs(yes));
};
log { source(s_network); destination(s_files); };
==============================================================
Thanks. Any help or direction would be much appreciated
Important Notice: If you have received this email by mistake, please advise the sender and delete the message and attachments immediately. This email, including attachments, may contain confidential, sensitive, legally privileged and/or copyright information. Any review, retransmission, dissemination or other use of this information by persons or entities other than the intended recipient is prohibited.
Please consider the environment before printing this email.
More information about the syslog-ng
mailing list