Bfd logs to remote syslog-ng server
Good evening
I have an issue that I need your opinion.
I have apf + bfd installed in my server. Currently I'm sending all logs ( syslog ) to a remote logging server ( syslog-ng )
However I've checked , that some information is not being captured, I guess.
In fact if I have a look in bfd_log on local server, those Ips blocked are not listed in remote logging server. All info generated to bfd_log and apf_log is not being received by log server,
Probably BFD and APF logs ( excepting TCP DROP ) are not being captured by syslog in local machine or syslog can't send it to my remote logging machine.
I've checked in conf.bfd some log settings and I have this:
TLOG_PATH="$INSTALL_PATH/tlog"
# syslog kernel log path
KERNEL_LOG_PATH="/var/log/messages"
# syslog auth log path
AUTH_LOG_PATH="/var/log/secure"
# bfd application log path
BFD_LOG_PATH="/var/log/bfd_log"
# log all events to syslog [0 = off; 1 = on]
OUTPUT_SYSLOG="1"
# log file path for syslog logging
OUTPUT_SYSLOG_FILE="$KERNEL_LOG_PATH"
Syslog support appears to be up. BFD version is 1.2
I have this issue in other machines with bfd installed with version 0.9 which can't find in conf.bfd the option "OUTPUT_SYSLOG".
My syslog.conf only contains this change:
*.debug @xx.xx.xx.xx
Have you already been reported about this issue?
Best Regards
Thanks
|