I recently started working on syslog-ng and would like to know more details, like those below (need not be limited to only those below).
Basics
- How it works
- If I have to run it on multiple devices to collect logs and send them to a centralized server, what kind of syslog configuration do I need (like syslogd, syslog-ng, etc.)?
- What kind of buffers it uses internally for storing the logs from different services.
- How it manages to store logs from the kernel and other user services.
- Various command-line options to explore its way of working
- etc.
I was going through my syslog configuration file, and in it I see internal(); that means all messages generated internally by syslog-ng use this special source.
What is this special source, and where can I find these logs? I have checked in /var/log for the messages file and other log files, but I could not find any. Are they not seen because of some configuration? Where can I check?
I was going through following for more details:
https://www.syslog-ng.com/technical-...ernal-messages
but I could not find what I need.
I appreciate any help with this. Thanks in advance.