[syslog-ng] Error binding socket;
vinod samant
vinod.samant.123 at gmail.com
Mon May 14 08:51:53 UTC 2018
Please suggest on this.
*Thanks & Regards :-*
*VINOD SINGH SAUD*
*(M):- 09718663552*
*(W):-09997645597*
*(E) :- vinod.samant.123 at gmail.com <vinod.samant.123 at gmail.com>*
On Fri, May 11, 2018 at 6:33 PM, vinod samant <vinod.samant.123 at gmail.com>
wrote:
> Hi ,
> When i am going to comment those lines on server side ,syslog-ng is
> working fine ,But all logs are coming in one file */var/log/from_net .*
>
> *commented lines:-*
>
> source s_net {
> network(flags(no-parse));
> };
>
> parser p_apache {
> csv-parser(
> columns("apache.FILE_NAME", "apache.MESSAGE")
> flags(greedy)
> );
> };
> destination d_apache {
> file("/usr/local/apache/logs/${apache.FILE_NAME}"
> template("${apache.MESSAGE}\n"));
> };
>
> log{
> source (s_net);
> parser (p_apache);
> destination(d_apache);
> };
>
> *Is it necessary to define port in server side configuration file also?*
>
> *Can you share wildcard configuration for both server side and cilent
> side?*
>
>
>
>
>
>
>
>
>
>
>
>
>
> *Thanks & Regards :-*
>
> *VINOD SINGH SAUD*
>
> *(M):- 09718663552*
>
> *(W):-09997645597*
>
> *(E) :- vinod.samant.123 at gmail.com <vinod.samant.123 at gmail.com>*
>
> On Fri, May 11, 2018 at 6:02 PM, Nagy, Gábor <gabor.nagy at balabit.com>
> wrote:
>
>> Hi!
>>
>> It seems that some other process is using the default syslog port
>> > Starting syslog-ng: [2018-05-11T16:41:55.756615] Error binding socket;
>> addr='AF_INET(0.0.0.0:514)', error='Address already in use (98)'
>>
>> I would suggest to check the port with netstat.
>>
>> Regards,
>> Gabor
>>
>> On Fri, May 11, 2018 at 1:23 PM, vinod samant <vinod.samant.123 at gmail.com
>> > wrote:
>>
>>> Hi
>>> I am getting below error while restarting server .
>>>
>>> [root at localhost logs]# /etc/init.d/syslog-ng restart
>>> Stopping syslog-ng: [FAILED]
>>> syslog-ng is stopped
>>> Starting syslog-ng: [2018-05-11T16:41:55.756615] Error binding socket;
>>> addr='AF_INET(0.0.0.0:514)', error='Address already in use (98)'
>>> [2018-05-11T16:41:55.756684] Error initializing message pipeline; plugin
>>> name='network', location='/etc/syslog-ng/syslog-ng.conf:24:3'
>>> [FAILED]
>>>
>>>
>>> My requirement :-
>>>
>>> OS:- centos 6.5
>>>
>>> 1. I want to use wildcard to send all apache custom logs from client to
>>> server .
>>>
>>> Configuration of both client and server :-
>>>
>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>client
>>> conf<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
>>> @version:3.13
>>> @include "scl.conf"
>>> @define allow-config-dups 1
>>>
>>> source s_local {
>>> system();
>>> internal();
>>>
>>> };
>>> destination d_network {udp("192.168.122.67" port(514));
>>>
>>> };
>>>
>>> destination d_local {
>>> file("/var/log/messages");
>>> };
>>>
>>> log{
>>> source(s_local);
>>> destination(d_network);
>>> destination(d_local);
>>>
>>> };
>>>
>>> ####################
>>> source s_local{
>>> wildcard-file(
>>> base-dir("/usr/local/apache/logs")
>>> filename-pattern("*.log")
>>> recursive(no)
>>> follow-freq(1));
>>> };
>>>
>>> destination d_network {tcp("192.168.122.67" port(514));
>>>
>>> };
>>>
>>> log{
>>> source(s_local);
>>> destination(d_network);
>>>
>>> };
>>>
>>>
>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>server
>>> conf<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
>>>
>>> @version:3.13
>>> @include "scl.conf"
>>>
>>> source s_local{system(); internal();};
>>> source s_network{
>>>
>>> udp();
>>> tcp();
>>>
>>> };
>>>
>>> destination d_local{file("/var/log/messages");};
>>> destination d_from_net{file("/var/log/from_net");};
>>> log{
>>> source(s_local);
>>> destination(d_local);
>>> };
>>> log { source(s_network); destination(d_from_net); };
>>>
>>>
>>> source s_net {
>>> network(flags(no-parse));
>>> };
>>>
>>> parser p_apache {
>>> csv-parser(
>>> columns("apache.FILE_NAME", "apache.MESSAGE")
>>> flags(greedy)
>>> );
>>> };
>>> destination d_apache {
>>> file("/usr/local/apache/logs/${apache.FILE_NAME}"
>>> template("${apache.MESSAGE}\n"));
>>> };
>>>
>>> log{
>>> source (s_net);
>>> parser (p_apache);
>>> destination(d_apache);
>>> };
>>>
>>>
>>> What should be changed on configuration file on both side ?
>>>
>>>
>>>
>>>
>>>
>>>
>>> *Thanks & Regards :-*
>>>
>>> *VINOD SINGH SAUD*
>>>
>>> *(M):- 09718663552*
>>>
>>> *(W):-09997645597*
>>>
>>> *(E) :- vinod.samant.123 at gmail.com <vinod.samant.123 at gmail.com>*
>>>
>>> ____________________________________________________________
>>> __________________
>>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>>> Documentation: http://www.balabit.com/support
>>> /documentation/?product=syslog-ng
>>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>>
>>>
>>>
>>
>> ____________________________________________________________
>> __________________
>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Documentation: http://www.balabit.com/support/documentation/?product=
>> syslog-ng
>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20180514/d6d16ebf/attachment.html>
More information about the syslog-ng
mailing list