[syslog-ng] syslog-ng.conf error
Péter, Kókai
peter.kokai at oneidentity.com
Wed Feb 27 08:24:50 UTC 2019
Hello,
In order to point out the exact location of issue, you have to share your
configuration.
If you do not want to share it, there is two hint to find it yourself:
1) The message "Error checking the uniqueness of the persist names, please
override it with persist-name option. Shutting" actually truncated
(possible by journalctl), and the full version should contain the location
of the item that has conflicting persist-name.
2) About persist-name, syslog-ng uses a persist file to store some
information (for example to keep data between restart/reload). Date is
stored in that file via its key, those keys are generated based on the
configuration item options (for file source it could be the path of the
file, etc...), sometimes it could collide with other configured item and
syslog-ng cannot resolve the name collition; but the user could with
specifying the *persist-name* option, which override the default generated
option.
An example:
source s {
file("/tmp/file" persist-name("my-tmp-file") );
};
--
Kokan
On Tue, Feb 26, 2019 at 9:57 PM Lin, Victor <victor.lin at rbc.com> wrote:
> Dear all,
>
> I am a newbie for syslog-ng J, could you please help me to figure out
> my issues with syslog-ng.conf ?
>
> After modified syslog-ng.conf by adding more source, destination and
> filter, try to restart syslog-ng by /etc/init.d/syslog-ng restart
>
> Got the following error
> *********************************************
> # */etc/init.d/syslog-ng restart*
> Restarting syslog-ng (via systemctl): Job for syslog-ng.service failed
> because the control process exited with error code. See "systemctl status
> syslog-ng.service" and "journalctl -xe" for details.
> [FAILED]
>
> ****************************************
> # *systemctl status syslog-ng.service*
> â— syslog-ng.service - LSB: start and stop syslog-NG daemon
> Loaded: loaded (/etc/rc.d/init.d/syslog-ng; bad; vendor preset: enabled
> )
> Active: failed (Result: exit-code) since Tue 2019-02-26 15:17:04 EST;
> 30s ago
> Docs: man:systemd-sysv-generator(8)
> Process: 53303 ExecStop=/etc/rc.d/init.d/syslog-ng stop (code=exited,
> status=0/SUCCESS)
> Process: 292500 ExecReload=/etc/rc.d/init.d/syslog-ng reload
> (code=exited, status=0/SUCCESS)
> Process: 53320 ExecStart=/etc/rc.d/init.d/syslog-ng start (code=exited,
> status=1/FAILURE)
> Main PID: 116276
>
> Feb 26 15:17:04 ABCD.com syslog-ng[53320]: [2019-02-26T15:17:04.083451]
> WARNING: With use-dns(no), dns-cache() will be forced to 'no' too!;
> Feb 26 15:17:04 ABCD.com syslog-ng[53320]: [2019-02-26T15:17:04.083503]
> WARNING: With use-dns(no), dns-cache() will be forced to 'no' too!;
> Feb 26 15:17:04 ABCD.com syslog-ng[53320]: [2019-02-26T15:17:04.083554]
> WARNING: With use-dns(no), dns-cache() will be forced to 'no' too!;
> Feb 26 15:17:04 ABCD.com syslog-ng[53320]: [2019-02-26T15:17:04.250946] Error
> checking the uniqueness of the persist names, please override it with
> persist-name op...conf:131:9'
> Feb 26 15:17:04 ABCD.com syslog-ng[53320]: [2019-02-26T15:17:04.250984] Error
> checking the uniqueness of the persist names, please override it with
> persist-name op...conf:132:9'
> Feb 26 15:17:04 ABCD.com syslog-ng[53320]: [FAILED]
> Feb 26 15:17:04 ABCD.com systemd[1]: syslog-ng.service: control process
> exited, code=exited status=1
> Feb 26 15:17:04 ABCD.com systemd[1]: Failed to start LSB: start and stop
> syslog-NG daemon.
> Feb 26 15:17:04 ABCD.com systemd[1]: Unit syslog-ng.service entered
> failed state.
> Feb 26 15:17:04 ABCD.com systemd[1]: syslog-ng.service failed.
> Hint: Some lines were ellipsized, use -l to show in full.
>
>
> # *journalctl -xe*
> Feb 26 15:05:28 ABCD.com puppet-agent[48945]: Could not send report:
> getaddrinfo: No address associated with hostname
> Feb 26 15:09:40 ABCD.com sshd[51578]: pam_sss(sshd:auth): authentication
> success; logname= uid=0 euid=0 tty=ssh ruser= rhost=
> m3vrb434.rbc1.royalbank.com user=VL51
> Feb 26 15:09:40 ABCD.com sshd[51578]: Accepted password for VL51 from
> 10.94.201.168 port 62031 ssh2
> Feb 26 15:10:02 ABCD.com crond[51740]: pam_unix(crond:account): password
> for user root will expire in 8 days
> Feb 26 15:10:02 ABCD.com crond[51741]: pam_unix(crond:account): password
> for user root will expire in 8 days
> Feb 26 15:10:02 ABCD.com crond[51740]: pam_unix(crond:session): session
> opened for user root by (uid=0)
> Feb 26 15:10:02 ABCD.com crond[51741]: pam_unix(crond:session): session
> opened for user root by (uid=0)
> Feb 26 15:10:02 ABCD.com CROND[51743]: (root) CMD (/usr/lib64/sa/sa1 1 1)
> Feb 26 15:10:02 ABCD.com CROND[51742]: (root) CMD (/bin/printf
> '\n***********************************************************************************\n\n
> For filesize:' >> /app/
> Feb 26 15:10:02 ABCD.com CROND[51740]: pam_unix(crond:session): session
> closed for user root
> Feb 26 15:10:02 ABCD.com sendmail[51759]: x1QKA2Bw051759: from=root,
> size=1598, class=-60, nrcpts=1, msgid=<
> *201902262010.x1QKA2Bw051759 at ABCD.com*
> <201902262010.x1QKA2Bw051759 at ABCD.com>>, relay=root at localho
> Feb 26 15:10:02 ABCD.com sendmail[51759]: x1QKA2Bw051759: to=root,
> ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay,
> pri=139598, relay=[127.0.0.1] [127.0.0.1],
> Feb 26 15:10:02 ABCD.com CROND[51741]: pam_unix(crond:session): session
> closed for user root
> Feb 26 15:10:50 ABCD.com sudo[51905]: VL51 : TTY=pts/0 ;
> PWD=/app/syslog-ng/custom/conf ; USER=root ; COMMAND=/usr/bin/su -
> Feb 26 15:10:50 ABCD.com su[51909]: (to root) VL51 on pts/0
> Feb 26 15:10:50 ABCD.com su[51909]: pam_unix(su-l:session): session opened
> for user root by VL51(uid=0)
> Feb 26 15:15:01 ABCD.com crond[52764]: pam_unix(crond:account): password
> for user root will expire in 8 days
> Feb 26 15:15:01 ABCD.com crond[52764]: pam_unix(crond:session): session
> opened for user root by (uid=0)
> Feb 26 15:15:01 ABCD.com CROND[52765]: (root) CMD (/usr/sbin/logrotate
> /app/syslog-ng/custom/conf/syslog-ng-rotate.conf)
> Feb 26 15:15:01 ABCD.com CROND[52764]: pam_unix(crond:session): session
> closed for user root
> Feb 26 15:17:02 ABCD.com polkitd[1117]: Registered Authentication Agent
> for unix-process:53295:2185270730 (system bus name :1.268
> [/usr/bin/pkttyagent --notify-fd 5 --fallback],
> Feb 26 15:17:02 ABCD.com systemd[1]: Stopping LSB: start and stop
> syslog-NG daemon...
> -- Subject: Unit syslog-ng.service has begun shutting down
> -- Defined-By: systemd
> -- Support: *http://lists.freedesktop.org/mailman/listinfo/systemd-devel*
> <http://lists.freedesktop.org/mailman/listinfo/systemd-devel>
> --
> -- Unit syslog-ng.service has begun shutting down.
> Feb 26 15:17:02 ABCD.com supervise/syslog-ng[116275]: Daemon exited
> gracefully, not restarting; exitcode='0'
> Feb 26 15:17:03 ABCD.com syslog-ng[53303]: Stopping syslog-ng: [ OK ]
> Feb 26 15:17:03 ABCD.com systemd[1]: Starting LSB: start and stop
> syslog-NG daemon...
> -- Subject: Unit syslog-ng.service has begun start-up
> -- Defined-By: systemd
> -- Support: *http://lists.freedesktop.org/mailman/listinfo/systemd-devel*
> <http://lists.freedesktop.org/mailman/listinfo/systemd-devel>
> --
> -- Unit syslog-ng.service has begun starting up.
> Feb 26 15:17:04 ABCD.com syslog-ng[53320]: Starting syslog-ng:
> [2019-02-26T15:17:04.082875] WARNING: With use-dns(no), dns-cache() will be
> forced to 'no' too!;
> Feb 26 15:17:04 ABCD.com syslog-ng[53320]: [2019-02-26T15:17:04.083333]
> WARNING: With use-dns(no), dns-cache() will be forced to 'no' too!;
> Feb 26 15:17:04 ABCD.com syslog-ng[53320]: [2019-02-26T15:17:04.083396]
> WARNING: With use-dns(no), dns-cache() will be forced to 'no' too!;
> Feb 26 15:17:04 ABCD.com syslog-ng[53320]: [2019-02-26T15:17:04.083451]
> WARNING: With use-dns(no), dns-cache() will be forced to 'no' too!;
> Feb 26 15:17:04 ABCD.com syslog-ng[53320]: [2019-02-26T15:17:04.083503]
> WARNING: With use-dns(no), dns-cache() will be forced to 'no' too!;
> Feb 26 15:17:04 ABCD.com syslog-ng[53320]: [2019-02-26T15:17:04.083554]
> WARNING: With use-dns(no), dns-cache() will be forced to 'no' too!;
> Feb 26 15:17:04 ABCD.com syslog-ng[53320]: [2019-02-26T15:17:04.250946] Error
> checking the uniqueness of the persist names, please override it with
> persist-name option. Shutting
> Feb 26 15:17:04 ABCD.com syslog-ng[53320]: [2019-02-26T15:17:04.250984] Error
> checking the uniqueness of the persist names, please override it with
> persist-name option. Shutting
> Feb 26 15:17:04 ABCD.com syslog-ng[53320]: [FAILED]
> Feb 26 15:17:04 ABCD.com systemd[1]: syslog-ng.service: control process
> exited, code=exited status=1
> Feb 26 15:17:04 ABCD.com systemd[1]: Failed to start LSB: start and stop
> syslog-NG daemon.
> -- Subject: Unit syslog-ng.service has failed
> -- Defined-By: systemd
> -- Support: *http://lists.freedesktop.org/mailman/listinfo/systemd-devel*
> <http://lists.freedesktop.org/mailman/listinfo/systemd-devel>
> --
> -- Unit syslog-ng.service has failed.
> --
> -- The result is failed.
> Feb 26 15:17:04 ABCD.com systemd[1]: Unit syslog-ng.service entered
> failed state.
> Feb 26 15:17:04 ABCD.com systemd[1]: syslog-ng.service failed.
> Feb 26 15:17:04 ABCD.com polkitd[1117]: Unregistered Authentication Agent
> for unix-process:53295:2185270730 (system bus name :1.268, object path
> /org/freedesktop/PolicyKit1/Auth
> Feb 26 15:20:01 ABCD.com crond[53909]: pam_unix(crond:account): password
> for user root will expire in 8 days
> Feb 26 15:20:01 ABCD.com crond[53908]: pam_unix(crond:account): password
> for user root will expire in 8 days
> Feb 26 15:20:01 ABCD.com crond[53909]: pam_unix(crond:session): session
> opened for user root by (uid=0)
> Feb 26 15:20:01 ABCD.com crond[53908]: pam_unix(crond:session): session
> opened for user root by (uid=0)
> Feb 26 15:20:01 ABCD.com CROND[53910]: (root) CMD (/usr/lib64/sa/sa1 1 1)
> Feb 26 15:20:01 ABCD.com CROND[53911]: (root) CMD (/bin/printf
> '\n***********************************************************************************\n\n
> For filesize:' >> /app/
> Feb 26 15:20:01 ABCD.com CROND[53908]: pam_unix(crond:session): session
> closed for user root
> Feb 26 15:20:01 ABCD.com sendmail[53926]: x1QKK1vA053926: from=root,
> size=1805, class=-60, nrcpts=1, msgid=<
> *201902262020.x1QKK1vA053926 at ABCD.com*
> <201902262020.x1QKK1vA053926 at ABCD.com>>, relay=root at localho
> Feb 26 15:20:01 ABCD.com sendmail[53926]: x1QKK1vA053926: to=root,
> ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay,
> pri=139805, relay=[127.0.0.1] [127.0.0.1],
> Feb 26 15:20:01 ABCD.com CROND[53909]: pam_unix(crond:session): session
> closed for user root
>
>
> Thank you very much for your expertize and instruction!!!!!
>
> *VL*
>
>
>
>
>
>
> _______________________________________________________________________
>
> If you received this email in error, please advise the sender (by return
> email or otherwise) immediately. You have consented to receive the attached
> electronically at the above-noted email address; please retain a copy of
> this confirmation for future reference.
>
> Si vous recevez ce courriel par erreur, veuillez en aviser l'expéditeur
> immédiatement, par retour de courriel ou par un autre moyen. Vous avez
> accepté de recevoir le(s) document(s) ci-joint(s) par voie électronique à
> l'adresse courriel indiquée ci-dessus; veuillez conserver une copie de
> cette confirmation pour les fins de reference future.
>
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20190227/351df70d/attachment-0001.html>
More information about the syslog-ng
mailing list