[syslog-ng] source plugin network not found/problems getting syslog-ng to listen on tcp port

Simon Tyler simon.tyler at aon.com
Wed May 1 15:22:26 UTC 2019 

Hello,

I'm new to syslog-ng, and I'm having some trouble just getting it to listen on a tcp port. I've tried several different configurations. Some of the start up with no error, but a netstat or lsof command shows that there is no open /listening tcp port associated with the process. I'm pretty sure my mistake is basic or fundamental, but I haven't had much luck finding specific details to resolve this issue; there is a fair amount of material to comb through. I've tried several different tutorials.

I want a central log server that accepts logs from multiple sources, so I started by trying to configure it to listen on a tcp port, I'm thinking 514 because we don't use rshell anywhere, but it doesn't really matter what port.

The current error I'm getting is:

[root at ip-10-8-41-60 syslog-ng]# service syslog-ng start
Error parsing source, source plugin network not found in /etc/syslog-ng/syslog-ng.conf at line 85, column 2:

        network(
        ^^^^^^^

The section of the config file related to networking is below; I've commented out several attempts.

# s_net = Network listener. This is listening on TCP port 514, no UDP
#source s_net { tcp(port(514) max-connections(5000)); udp();};

#source s_net {
#       tcp(ip(10.8.41.60) port(514));
#};

#source s_net {
#       network(ip(10.8.41.60) port(514));
#};

#source s_network {
#       default-network-drivers();
#};

#source s_syslog { syslog(
#               ip(10.8.41.60) port(514) transport("tcp")); };

source s_network {
        network(
                ip("10.8.41.60")
                transport("tcp")
                listen-backlog(2048)
                );
};

There is a line at the top of the file:
@include "scl.conf"

I've attached the entire file.

Any guidance would be very much appreciated,

Simon Tyler  |  Senior Systems Administrator - PathWise Solutions Group
Aon
225 King Street West, Suite 1000  |  Toronto, ON M5V 3M2, Canada
t +1.416.263.7755  |  m +1.416.564.4855  |  f +1.416.979.7724
simon.tyler at aon.com<mailto:simon.tyler at aon.com>
PLEASE NOTE that my email address has changed to simon.tyler at aon.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20190501/4cfbf496/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: syslog-ng.conf
Type: application/octet-stream
Size: 4159 bytes
Desc: syslog-ng.conf
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20190501/4cfbf496/attachment.obj>

More information about the syslog-ng mailing list