Dear All,
I am trying to configure syslog-ng package for managing logs, but there is some where something wrong in my configuration such that it is not generatinglogs
below file is quite long
#vi /usr/local/etc/syslog-ng/syslog-ng.conf
Code:
options { sync (0);
time_reopen (10);
log_fifo_size (1000);
long_hostnames (on);
use_fqdn (yes);
create_dirs (no);
chain_hostnames(no);
keep_hostname (yes);
perm(0644);
dir_perm(0755);
};
source s_sys { unix-stream ("/dev/log"); internal(); };
source s_udp { udp(); };
source kernel_file { file("/proc/kmsg"); };
destination d_cons { file("/dev/console"); };
destination d_spol { file("/var/log/spooler.log"); };
destination d_mesg { file("/var/log/messages.log"); };
destination d_auth { file("/var/log/secure.log"); };
destination d_uucp { file("/var/log/uucp.log"); };
destination d_boot { file("/var/log/boot.log"); };
destination d_mlal { usertty("*"); };
destination d_kern { file("/var/log/kernel.log"); };
destination numetrace { file("/var/log/numetrace.log"); };
destination nume { file("/var/log/nume.log"); };
destination postgres { file("/var/log/postgres.log"); };
destination php { file("/var/log/local2.log"); };
destination boot { file("/var/log/boot.log"); };
destination cron { file("/var/log/cron.log"); };
destination daemon { file("/var/log/daemon.log"); };
destination ftp { file("/var/log/ftp.log"); };
destination lpr { file("/var/log/lpr.log"); };
destination mail { file("/var/log/maillog"); };
destination news { file("/var/log/news.log"); };
destination syslog { file("/var/log/syslog.log"); };
destination user { file("/var/log/user.log"); };
destination local3 { file("/var/log/local3.log"); };
destination local4 { file("/var/log/local4.log"); };
destination local5 { file("/var/log/local5.log"); };
destination local6 { file("/var/log/local6.log"); };
destination emerg { file("/var/log/emerg.log"); };
destination crit { file("/var/log/crit.log"); };
destination alert { file("/var/log/alert.log"); };
destination err { file("/var/log/err.log"); };
destination warning { file("/var/log/warning.log"); };
filter cons { facility(kern); };
filter spooler { facility(uucp) or (facility(news) and level(crit)); };
filter mesg { level(info, notice, warning, err, crit, alert, emerg) and facility(kern, uucp, news, local3, local4, local5, local6, daemon, ftp, lpr); };
filter auth { facility(authpriv); };
filter emerg { level(emerg); };
filter uucp { facility(uucp); };
filter cron { facility(cron); };
filter kern_debug { facility(kern); };
filter postgres { facility(local0); };
filter nume_trace { facility(local1); };
filter nume { facility(local1) and level(info, notice, warning, err, crit, alert, emerg); };
filter php { facility(local2); };
filter local3 { facility(local3); };
filter local4 { facility(local4); };
filter local5 { facility(local5); };
filter local6 { facility(local6); };
filter boot { facility(local7); };
filter daemon { facility(daemon); };
filter ftp { facility(ftp); };
filter lpr { facility(lpr); };
filter mail { facility(mail); };
filter news { facility(news); };
filter syslog { facility(syslog); };
filter user { facility(user); };
filter warning { level(warning); };
filter crit { level(crit, alert, emerg); };
filter alert { level(alert, emerg); };
filter err { level(err, crit, alert, emerg); };
log { source(s_sys); source(s_udp); filter(cons); destination(d_cons); };
log { source(s_sys); source(s_udp); filter(mesg); destination(d_mesg); };
log { source(s_sys); source(s_udp); filter(auth); destination(d_auth); };
log { source(s_sys); source(s_udp); filter(emerg); destination(d_mlal); };
log { source(s_sys); source(s_udp); filter(uucp); destination(d_uucp); };
log { source(s_sys); source(s_udp); filter(boot); destination(boot); };
log { source(s_sys); source(s_udp); filter(php); destination(php); };
log { source(s_sys); source(s_udp); filter(postgres); destination(postgres); };
log { source(s_sys); source(s_udp); filter(nume_trace); destination(numetrace); };
log { source(s_sys); source(s_udp); filter(nume); destination(nume); };
log { source(s_sys); source(s_udp); source(kernel_file); filter(kern_debug); destination(d_kern); };
log { source(s_sys); source(s_udp); filter(cron); destination(cron); };
log { source(s_sys); source(s_udp); filter(daemon); destination(daemon); };
log { source(s_sys); source(s_udp); filter(ftp); destination(ftp); };
log { source(s_sys); source(s_udp); filter(lpr); destination(lpr); };
log { source(s_sys); source(s_udp); filter(mail); destination(mail); };
log { source(s_sys); source(s_udp); filter(news); destination(news); };
log { source(s_sys); source(s_udp); filter(syslog); destination(syslog); };
log { source(s_sys); source(s_udp); filter(user); destination(user); };
log { source(s_sys); source(s_udp); filter(local3); destination(local3); };
log { source(s_sys); source(s_udp); filter(local4); destination(local4); };
log { source(s_sys); source(s_udp); filter(local5); destination(local5); };
log { source(s_sys); source(s_udp); filter(local6); destination(local6); };
log { source(s_sys); source(s_udp); filter(spooler); destination(d_spol); };
log { source(s_sys); source(s_udp); filter(emerg); destination(emerg); };
log { source(s_sys); source(s_udp); filter(crit); destination(crit); };
log { source(s_sys); source(s_udp); filter(alert); destination(alert); };
log { source(s_sys); source(s_udp); filter(err); destination(err); };
log { source(s_sys); source(s_udp); filter(warning); destination(warning); };
filter ext_filter { level(warning) or level(err) or level(alert) or level(crit) or level(emerg) or facility(authpriv); };
log { source(s_sys); source(s_udp); source(kernel_file); filter(ext_filter); };
Any guess , why it is not managing log, no new logs have been added to log directory, as
/var/log/messages doens't contains any new message after i configured syslog-ng but if i will restart my syslog(the default that comes with redhat) it will start adding new logs to /var/log/messages. . ......
-jack
