[syslog-ng] Help needed in configuration file upgrade (from syslog-ng-3.11.1 to syslog-ng-3.23.1)

Thu Sep 26 12:46:06 UTC 2019

Hi,

Sorry, I did not write it clearly, the example command in your case should look like:
# /sbin/syslog-ng -f /tandberg/persistent/syslog-ng.conf -p /var/run/syslog-ng.pid -Fedtv

Best regards,
Attila
________________________________
From: syslog-ng <syslog-ng-bounces at lists.balabit.hu> on behalf of Debananda Pal <debananda.pal at gmail.com>
Sent: Thursday, September 26, 2019 2:22 PM
To: Syslog-ng users' and developers' mailing list <syslog-ng at lists.balabit.hu>
Subject: Re: [syslog-ng] Help needed in configuration file upgrade (from syslog-ng-3.11.1 to syslog-ng-3.23.1)

CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.

Hi,
Please find the output of the command as below :
-----------------------------------
~ # syslog-ng -Fedtv
[2019-09-26T12:20:03.417562] Unable to detect fully qualified hostname for localhost, use_fqdn() will use the short hostname;
[2019-09-26T12:20:03.417956] Error opening configuration file; filename='//etc/syslog-ng.conf', error='Failed to open file ▒“
//etc/syslog-ng.conf▒”: No such file or directory'
~ #
-----------------------------------
Actually the file location is different in our target system, we are executing the command as below :
# /sbin/syslog-ng -f /tandberg/persistent/syslog-ng.conf -p /var/run/syslog-ng.pid
-----------------------------------

Regards,
D Pal

On Thu, Sep 26, 2019 at 4:22 PM Attila Szakacs (aszakacs) <Attila.Szakacs at oneidentity.com<mailto:Attila.Szakacs at oneidentity.com>> wrote:
Hi,

Could you run syslog-ng with -Fedtv flags and share the output?

Best regards,
Attila
________________________________
From: syslog-ng <syslog-ng-bounces at lists.balabit.hu<mailto:syslog-ng-bounces at lists.balabit.hu>> on behalf of Debananda Pal <debananda.pal at gmail.com<mailto:debananda.pal at gmail.com>>
Sent: Wednesday, September 25, 2019 4:55 PM
To: syslog-ng at lists.balabit.hu<mailto:syslog-ng at lists.balabit.hu> <syslog-ng at lists.balabit.hu<mailto:syslog-ng at lists.balabit.hu>>
Subject: [syslog-ng] Help needed in configuration file upgrade (from syslog-ng-3.11.1 to syslog-ng-3.23.1)

CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.

Hi All,

Sorry to send the mail to all as I am not aware about individual email id.

I am trying to upgrade syslog-ng from 3.11.1  to  3.23.1 on Linux and finding some issues as below.
I have changed few parameters like version, include, but at present getting error with file() configuration.
-------------------------------------------------------------------------------------
~ # /sbin/syslog-ng -f /tandberg/persistent/syslog-ng.conf -p /var/run/syslog-ng.pid
[2019-09-25T13:40:11.707232] WARNING: Your configuration file uses an obsoleted keyword, please update your configuration; key
word='flush_timeout', change='Some drivers support batch-timeout() instead that you can specify at the destination level.', lo
cation='#buffer:15:5'
Error parsing source statement, source plugin file not found in /tandberg/persistent/syslog-ng.conf:31:5-31:9:
26
27      #   Sources
28
29      source s_everything {
30          internal();
31---->     file("/proc/kmsg" log_fetch_limit(100) log_iw_size(100));
31---->     ^^^^
32          unix_dgram("/var/log/log" log_fetch_limit(100) log_iw_size(100));
33          udp(ip(127.0.0.1) port(514) log_fetch_limit(100) log_iw_size(100));
34      };
35
36      #   Destinations

syslog-ng documentation: https://www.balabit.com/support/documentation?product=syslog-ng-ose<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%3Fproduct%3Dsyslog-ng-ose&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C6ce4e3236aca4b3a64a608d7427c5a53%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637050974183237060&sdata=6X4%2FKSYFXwDuseR%2B%2B4wnlC%2FgG4HwbrSMlOG7byPXGBA%3D&reserved=0>
contact: https://lists.balabit.hu/mailman/listinfo/syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C6ce4e3236aca4b3a64a608d7427c5a53%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637050974183237060&sdata=DTFVzj6ROb4rfAH6w31fmRRnMTFduRzsQQaL9N2fkwk%3D&reserved=0>
~ #
-------------------------------------------------------------------------------------

I have attached the syslog-ng.conf file for your kind perusal.
Please give your suggestion on the modified config file.

Regards,
D Pal
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C6ce4e3236aca4b3a64a608d7427c5a53%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637050974183247056&sdata=mBfnED6IQEPX5LXqfn9yp3%2BP%2FCe3GsIBd1H7aWzwsyw%3D&reserved=0>
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C6ce4e3236aca4b3a64a608d7427c5a53%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637050974183247056&sdata=NKyFt%2B5WznxZ%2BHw0RmEFWPyxSUbsfcnoUzAoZZJoeg0%3D&reserved=0>
FAQ: http://www.balabit.com/wiki/syslog-ng-faq<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C6ce4e3236aca4b3a64a608d7427c5a53%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637050974183257047&sdata=vn3jyhEzK7qrNfPdGrQxw8nRD%2BtzaijS58S7%2FcNFTXY%3D&reserved=0>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20190926/0e0c5a6a/attachment-0001.html>