[syslog-ng] Unable to make syslog-ng listen to port 514
Czanik, Péter
peter.czanik at balabit.com
Sat Nov 3 09:18:54 UTC 2018
Hi,
The source declaration seems to be all right. If it still does not work,
just a few more ideas what to check:
- make sure, that this source is actually used in a log path (other way it
is not used)
- if you use SELinux, set it to permissive mode temporarily (setenforce 0)
- make sure that your firewall does not block it
- the syslog() source is for RFC5424 logs, make sure that you send your
logs using this protocol version
Have a nice weekend!
Bye,
Peter Czanik (CzP) <peter.czanik at balabit.com>
Balabit (a OneIdentity company) / syslog-ng upstream
https://syslog-ng.com/community/
https://twitter.com/PCzanik
On Sat, Nov 3, 2018 at 10:01 AM Fosiul Alam <fosiul at gmail.com> wrote:
> Hi
> Thanks,
> i have changed this to
> source s_net { syslog(ip(192.168.1.13) port(514) transport("tcp")); };
>
> still it does not listen to 514 or 601
>
> do i need to do anthing in the config file to make it activate ?
>
>
>
> On Fri, Nov 2, 2018 at 9:18 PM Péter, Kókai <peter.kokai at oneidentity.com>
> wrote:
>
>> Hello,
>>
>> The syslog source by default listening on 601 port, you could change that
>> with port(514) if you want to.
>>
>> See the admin guide:
>> https://www.syslog-ng.com/technical-documents/doc/syslog-ng-open-source-edition/3.16/administration-guide/23#TOPIC-956472
>>
>>
>> --
>> Kokan
>>
>> On Fri, 2 Nov 2018, 7:29 pm Fosiul Alam, <fosiul at gmail.com> wrote:
>>
>>> Hello
>>> i have installed syslog-ng in our ubuntu server with version : 3.13
>>>
>>> its running fine, I am using the default syslog-ng file and i have
>>> change this line as per documentation
>>>
>>> source s_net { syslog(ip(192.168.1.19) transport("tcp")); };
>>>
>>> but its not listing on port 514
>>>
>>> What Do i have to do make it listen ?
>>>
>>> Thanks for the help
>>>
>>>
>>>
>>>
>>>
>>> ● syslog-ng.service - System Logger Daemon
>>> Loaded: loaded (/lib/systemd/system/syslog-ng.service; enabled;
>>> vendor preset: enabled)
>>> Active: active (running) since Fri 2018-11-02 18:22:46 UTC; 4min 5s
>>> ago
>>> Docs: man:syslog-ng(8)
>>> Main PID: 16470 (syslog-ng)
>>> Tasks: 1 (limit: 2361)
>>> CGroup: /system.slice/syslog-ng.service
>>> └─16470 /usr/sbin/syslog-ng -F
>>>
>>> Nov 02 18:22:46 syslog systemd[1]: Starting System Logger Daemon...
>>> Nov 02 18:22:46 syslog systemd[1]: Started System Logger Daemon.
>>>
>>>
>>> --
>>> Regards
>>> Fosiul Alam
>>>
>>>
>>> ______________________________________________________________________________
>>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>>> Documentation:
>>> http://www.balabit.com/support/documentation/?product=syslog-ng
>>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>>
>>>
>> ______________________________________________________________________________
>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Documentation:
>> http://www.balabit.com/support/documentation/?product=syslog-ng
>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>
>>
>
> --
> Regards
> Fosiul Alam
>
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20181103/2507becf/attachment-0001.html>
More information about the syslog-ng
mailing list