[syslog-ng] syslog-ng not writing to specified path

[Fekete, Róbert]

Hi,

maybe you have SELinux or Apparmor enabled on the host that's preventing
syslog-ng from writing to the specified destination?
See this post for pointers:
https://www.balabit.com/blog/using-syslog-ng-with-selinux-in-enforcing-mode/

HTH,

Robert

On Thu, Aug 3, 2017 at 10:59 PM, vijay amruth <vijayamruth at gmail.com> wrote:

> Hello all,  hope you are all doing great.
>
> I have set up syslog-ng on a host and I am able to see packets on tcpdump
> but syslog-ng is not wriiting to the specified paths.
>
> I have checked firewall rules, filters, write permissions at the path. I
> have another host on the same VLAN with the same config that is able to
> receive packets and write to the destination.
>
> what I am I missing ?
>
> *version used:*
> syslog-ng 3.9.1
> Installer-Version: 3.9.1
> Revision:
> Module-Directory: /usr/local/lib/syslog-ng
> Module-Path: /usr/local/lib/syslog-ng
> Available-Modules: syslogformat,afsocket,affile,afprog,afuser,afamqp,
> afmongodb,csvparser,confgen,system-source,linux-kmsg-
> format,basicfuncs,cryptofuncs,dbparser,json-plugin,afstomp,
> pseudofile,graphite,sdjournal,kvformat,date,cef,disk-buffer,
> add-contextual-data
> Enable-Debug: off
> Enable-GProf: off
> Enable-Memtrace: off
> Enable-IPv6: on
> Enable-Spoof-Source: off
> Enable-TCP-Wrapper: off
> Enable-Linux-Caps: off
>
>
> syslog-ng -Fvde shows :
> [2017-08-03T13:57:20.214552] Module loaded and initialized successfully;
> module='syslogformat'
>
> Any help is appreciated.
>
>
> Thanks,
> Vijay Amrut.
>
> ____________________________________________________________
> __________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?
> product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20170901/7d0da66e/attachment.html>