Syslog not binding to 514
I'm having an issue with a Centos 5 installation. I'm trying to setup the syslog on my nagios/splunk server to accept messages from other syslog servers. I've made the necessary change to the /etc/sysconfig/syslog file, adding the -r option. I've restarted the syslog daemon and even restarted the whole server, but I'm not seeing it binding to port 514.
When I do a netstat -an |grep syslog I get nothing. If I do a netstat -an |grep 514 I get udp 0 0 0.0.0.0:514 0.0.0.0:* Short of replacing syslog with something else like rsyslog or syslog-ng I can't figure out why it's not listening. Has anyone else had this problem and figured it out? Thanks in advance! --Aric --------------- copy of /etc/sysconfig/syslog -------------------- # Options to syslogd # -m 0 disables 'MARK' messages. # -r enables logging from remote machines # -x disables DNS lookups on messages recieved with -r # See syslogd(8) for more details SYSLOGD_OPTIONS="-m 0 -r" # Options to klogd # -2 prints all kernel oops messages twice; once for klogd to decode, and # once for processing with 'ksymoops' # -x disables all klogd processing of oops messages entirely # See klogd(8) for more details KLOGD_OPTIONS="-x" # SYSLOG_UMASK=077 # set this to a umask value to use for all log files as in umask(1). # By default, all permissions are removed for "group" and "other". |
That looks fine. syslog works over UDP so there's no 'LISTENING' going on.
Run 'netstat -pantu | grep syslog' to check. Dave |
you can try do :
netstat -ntulp | grep :514 if udp 514 is listening,may be your firewall...you can test ... |
All times are GMT -5. The time now is 04:34 AM. |