[syslog-ng] use loggen to insert content of a file into local log file

Thu Mar 14 01:04:28 UTC 2019

Hello Fabien,

 Udp 5514 be listening  by syslog-ng  and write the info into  /app/syslog-ng/output/AAA.log 
******************************************************************
Here is from syslog-ng.conf
source s_AAA_network {
        network(
                transport("udp")
                port(5514)
                flags(syslog_protocol)
                keep_hostname(yes)
                keep_timestamp(yes)
                use_dns(no)
                use_fqdn(no)
                tags("cppm")
        );
};
destination d_cppm_logs {
        file("/app/syslog-ng/output/AAA.log");
        network("192.168.22. 39" port(5514) transport(udp) spoof_source(yes));
};

log {
        source(s_AAA_network);
        destination(d_AAA_Audit_logs);
};

I can see both AAA.log and remote server 192.168.22. 39 can receive the syslog messages.
************************************************************************

  When I run a test command below, I got the following output
/app/syslog-ng/bin/loggen -D localhost 5514 "test test test"
count=1864, rate = 963.75 msg/sec
count=2348, rate = 967.19 msg/sec
count=2830, rate = 963.87 msg/sec
count=3314, rate = 967.87 msg/sec
count=3796, rate = 963.87 msg/sec
count=4280, rate = 967.41 msg/sec
count=4762, rate = 963.75 msg/sec
count=5246, rate = 967.87 msg/sec
count=5728, rate = 963.87 msg/sec
count=6212, rate = 967.87 msg/sec
count=6694, rate = 963.71 msg/sec
count=7177, rate = 965.46 msg/sec
count=7660, rate = 965.70 msg/sec
count=8142, rate = 963.74 msg/sec
count=8626, rate = 967.71 msg/sec
count=9108, rate = 963.85 msg/sec
count=9590, rate = 963.84 msg/sec
count=10074, rate = 966.30 msg/sec
count=10554, rate = 959.80 msg/sec
average rate = 1055.01 msg/sec, count=10554, time=10.0037, (average) msg size=256, bandwidth=263.75 kB/sec

but I didn't see "test test test" been  writen into /app/syslog-ng/output/AAA.log

Do I using  the correct format of loggen command? 

Thank you very much!

VL

-----Original Message-----
From: syslog-ng [mailto:syslog-ng-bounces at lists.balabit.hu] On Behalf Of syslog-ng-request at lists.balabit.hu
Sent: 2019, March, 07 7:00 AM
To: syslog-ng at lists.balabit.hu
Subject: syslog-ng Digest, Vol 167, Issue 15

Send syslog-ng mailing list submissions to
	syslog-ng at lists.balabit.hu

To subscribe or unsubscribe via the World Wide Web, visit
	https://lists.balabit.hu/mailman/listinfo/syslog-ng
or, via email, send a message with subject or body 'help' to
	syslog-ng-request at lists.balabit.hu

You can reach the person managing the list at
	syslog-ng-owner at lists.balabit.hu

When replying, please edit your Subject line so it is more specific than "Re: Contents of syslog-ng digest..."

Today's Topics:

   1. Re:  use loggen to insert content of a file into local log
      file (Fabien Wernli)

----------------------------------------------------------------------

Message: 1
Date: Thu, 7 Mar 2019 09:03:34 +0100
From: Fabien Wernli <wernli at in2p3.fr>
To: "Syslog-ng users' and developers' mailing list"
	<syslog-ng at lists.balabit.hu>
Subject: Re: [syslog-ng] use loggen to insert content of a file into
	local log file
Message-ID: <20190307080334.n3xc2q5nq2kfr7wv at ccfawe.in2p3.fr>
Content-Type: text/plain; charset=iso-8859-1

On Wed, Mar 06, 2019 at 01:35:02PM +0000, Lin, Victor wrote:
>   Could anyone can give an example of using loggen to insert content of a file into  a local log file ?

you could use loggen to send to a specific port, on which syslog-ng would be listening, then create a log statement sendîng to that file, e.g. off the top of my head:

log {
  source {
    syslog(
      port(1234)
    );
  };
  destination {
    file(
      '/tmp/loggen.log'
    );
  };
};

loggen -D "blah blah blah" localhost 1234

------------------------------

Subject: Digest Footer

_______________________________________________
syslog-ng maillist  -  syslog-ng at lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng

------------------------------

End of syslog-ng Digest, Vol 167, Issue 15
******************************************
_______________________________________________________________________
If you received this email in error, please advise the sender (by return email or otherwise) immediately. You have consented to receive the attached electronically at the above-noted email address; please retain a copy of this confirmation for future reference.  

Si vous recevez ce courriel par erreur, veuillez en aviser l'expéditeur immédiatement, par retour de courriel ou par un autre moyen. Vous avez accepté de recevoir le(s) document(s) ci-joint(s) par voie électronique à l'adresse courriel indiquée ci-dessus; veuillez conserver une copie de cette confirmation pour les fins de reference future.