Questions tagged [syslog-ng]
Questions specific to the syslog-ng logging solution (https://syslog-ng.org/). Use this tag if your question relates to configuring or using syslog-ng, or if you'd like to know if you can solve a particular logging problem with syslog-ng.
77 questions
0votes
0answers
30views
cisco parser dropping logs
new to syslog-ng but been working on this issue for a few days and have nowhere to go. logs aren't really pointing me anywhere anymore that I can tell. I'm running syslog-ng as a container in an ...
0votes
1answer
529views
How do I change the date/time format in syslog-ng from `mmm [d]d hh:mm:ss` to `yyyy-mm-dd hh:mm:ss`?
I noticed that the default datetime format for logs in /var/log/messages is mmm [d]d hh:mm:ss, for example: Jan 4 03:46:50 1.2.3.4 ntpclient[6952]: Failed resolving address to hostname pool.ntp.org: ...
- 159
0votes
2answers
459views
How do I check which conf file was loaded by syslog-ng when starting?
I am running syslog-ng on debian. How do I check which conf file was loaded upon startup? Neither systemctl status syslog-ng nor systemctl show syslog-ng tell me.
- 159
0votes
0answers
1kviews
Is rsyslog compatible with syslog-ng?
I am doing a project where the organisation uses syslog-ng for the central remote logging servers and this will surely not change. The application suite that I am developing on, is using Red Hat ...
0votes
1answer
1kviews
Issue with uniqueness of the persist names in syslog-ng
I am new to syslog-ng and was trying to fix the issue of an error which arises due to uniqueness of the persist names in syslog-ng, I see the below error in my syslog err Error checking the ...
- 103
1vote
1answer
2kviews
Buildroot: syslog-ng logs into the "/var/log/messages.1" file instead of "/var/log/messages"
I am building an embedded Linux board with Buildroot (user manual here). I have syslog-ng running on the board. It's config file is specified in buildroot here: https://github.com/buildroot/buildroot/...
- 2,902
0votes
1answer
3kviews
syslog-ng not writing to file
I am new to syslog-ng, and want to test writing to a syslog from an external device. The external device shows that it is "connected" to my syslog on port 516. However, on my CentOS7 host ...
- 1,953
1vote
1answer
479views
syslog-ng does not include severity in its lines
I'm trying to configure syslog-ng in an embedded distro. I added the syslog-ng package. I was expecting the /var/log/ files to include their log severity / log level, but it isn't to. Any way to ...
- 433
0votes
1answer
322views
Howto log multiple sftpd server's activity which user's chrooted home is on shared NFS?
I have an Ubuntu server with sftpd running where /var/data/chroot/ is an NFS mount from a remote central NFS server, and each sftpd user's chroot home is /var/data/chroot/<username>/ and every ...
user319783
0votes
0answers
2kviews
Switched from rsyslog to syslog-ng, but its not starting up
I wanted to switch logging from rsyslog to syslog-ng, but after configuration and startup, it faield to start up. This is the log file I am getting, but I cant find any clues there what is wrong: rrr-...
- 151
2votes
1answer
1kviews
Any way to keep Stunnel from blowing up my logfiles?
I have stunnel v5.44 (Ubuntu 18.04 v3:5.44-1ubuntu3) configured on a client to connect to a server in a screened subnet. The remote host has syslog configured to listen for logfiles over the stunnel ...
- 577
0votes
0answers
339views
internal logrotate mechanism in syslog-ng
Does the syslog-ng has its own rotating mechanism? I am new to auditing and linux and I though I could use logrotate but I noticed that I need to restart the syslog-ng daemon every time when I use it ...
0votes
0answers
769views
Syslog-ng failing, unable to resolve 0.0.0.0
I am rebuilding my Raspberry Pi from scratch and following my docs that I keep with regards to what I install and configure, so that I can quickly get the system rebuilt. In this instance I am using ...
- 11
2votes
1answer
1kviews
What is `tty10` used for in syslog-ng
syslog-ng has the option to include a config snippet: @include "`scl-root`/system/tty10.conf" and many examples on-line include that file; but I can't understand what it's for? The entire included ...
- 454
0votes
1answer
176views
Syslog Ng detecting f5 logs as a directory due to hostname written attached as "local/" or "slot1/"
We have a system in place where we have a bunch of f5 devices sending logs to syslog-ng. We have syslog-ng configured to go to: /path/to/directory/$HOST. This is causing a problem because since /...
- 13
