[syslog-ng] Tips to diagnose missing syslog messages?

[Daniel Ehrlich]

Hi Everyone,

Does anyone have some diagnostic tips to offer to diagnose why syslog messages are not being received?
I have syslog-ng on a few servers but one is losing messages (others syslog-ng servers might be dropping that I am unaware off).
Not sure if there is some options I should add to the conf or diag commands or load specifications I should check?

Options:
options {
   chain_hostnames(no);
   create_dirs (yes);
   dir_perm(0755);
   dns_cache(yes);
   keep_hostname(yes);
   log_fifo_size(2048);
   log_msg_size(8192);
   perm(0644);
   time_reopen (10);
   use_dns(yes);
   use_fqdn(yes);
   flush_lines(100);
};

Also adding the flag-control flag to the log stanza.

Thanks
Daniel
__________________________________________________________________

This email (including any attached files) is confidential and is 

for the intended recipient(s) only. If you received this email by 

mistake, please, as a courtesy, tell the sender, then delete this 

email.

The views and opinions are the originator's and do not necessarily 

reflect those of the University of Southern Queensland. Although 

all reasonable precautions were taken to ensure that this email 

contained no viruses at the time it was sent we accept no 

liability for any losses arising from its receipt.

The University of Southern Queensland is a registered provider 

of education with the Australian Government.

(CRICOS Institution Code QLD 00244B / NSW 02225M, TEQSA PRV12081)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20210609/f09ca84d/attachment.html>