Bfd logs to remote syslog-ng server
 

Good evening

I have an issue that I need your opinion.

I have apf + bfd installed in my server. Currently I'm sending all logs ( syslog ) to a remote logging server ( syslog-ng )

However I've checked , that some information is not being captured, I guess.

In fact if I have a look in bfd_log on local server, those Ips blocked are not listed in remote logging server. All info generated to bfd_log and apf_log is not being received by log server,

Probably BFD and APF logs ( excepting TCP DROP ) are not being captured by syslog in local machine or syslog can't send it to my remote logging machine.

I've checked in conf.bfd some log settings and I have this:

TLOG_PATH="$INSTALL_PATH/tlog"

# syslog kernel log path
KERNEL_LOG_PATH="/var/log/messages"

# syslog auth log path
AUTH_LOG_PATH="/var/log/secure"

# bfd application log path
BFD_LOG_PATH="/var/log/bfd_log"

# log all events to syslog [0 = off; 1 = on]
OUTPUT_SYSLOG="1"

# log file path for syslog logging
OUTPUT_SYSLOG_FILE="$KERNEL_LOG_PATH"


Syslog support appears to be up. BFD version is 1.2
I have this issue in other machines with bfd installed with version 0.9 which can't find in conf.bfd the option "OUTPUT_SYSLOG".

My syslog.conf only contains this change:

*.debug @xx.xx.xx.xx


Have you already been reported about this issue?




Best Regards

Thanks