Gentoo Archives: gentoo-user

From:	Alan McKinnon <alan.mckinnon@×××××.com>
To:	gentoo-user@l.g.o
Subject:	Re: [gentoo-user] syslog-ng-3.6.1 nearly no log anymore
Date:	Sat, 15 Nov 2014 05:04:16
Message-Id:	`5466DEC3.8020209@gmail.com`
In Reply to:	Re: [gentoo-user] syslog-ng-3.6.1 nearly no log anymore by Helmut Jarausch

1	On 14/11/2014 20:44, Helmut Jarausch wrote:
2	> On 11/14/2014 06:46:28 PM, Alan McKinnon wrote:
3	>> On 14/11/2014 18:18, Helmut Jarausch wrote:
4	>>> On 11/13/2014 09:05:50 PM, Alan McKinnon wrote:
5	>>>> On 13/11/2014 18:41, Helmut Jarausch wrote:
6	>>>>> Hi,
7	>>>>>
8	>>>>> after upgrading from syslog-ng-3.5.6 to syslog-ng-3.6.1 my
9	>> system
10	>>>> has
11	>>>>> stopped logging, i.e. I only get the messages
12	>>>>> Nov 12 21:04:10 numa syslog-ng[1392]: syslog-ng shutting down;
13	>>>>> version='3.6.1'
14	>>>>> Nov 13 14:52:20 numa syslog-ng[1392]: syslog-ng starting up;
15	>>>>> version='3.6.1'
16	>>>>>
17	>>>>> Has anybody observed the same problem, and how to fix it?
18	>>>>>
19	>>>>> Many thanks for a hint,
20	>>>>> Helmut
21	>>>>>
22	>>>>>
23	>>>>
24	>>>>
25	>>>> Run a syntax check on the config file, I don't have a man page to
26	>>>> hand
27	>>>> but it's quite obvious what the option is.
28	>>>> syslog-ng has sometimes been picky about version numbers in the
29	>> past
30	>>>> and
31	>>>> it's tagged in the config file. Read the syntax check output
32	>>>> carefully
33	>>>> to see if anything is amiss.
34	>>>
35	>>> Thanks, Alan.
36	>>>
37	>>> The only unusual message is
38	>>> Systemd is not detected as the running init system;
39	>>>
40	>>> which is true since I still use openrc (but with systemd installed,
41	>> as
42	>>> well)
43	>>> Could this be the culprit?
44	>>
45	>>
46	>> I doubt it, I also use 3.6.1 without systemd.
47	>>
48	>> Please post eix syslog-ng so we can see how your USE is set up, and
49	>> your
50	>> syslog-ng.conf
51	>>
52	> Thanks, Alan.
53	>
54	> [U] app-admin/syslog-ng
55	> Available versions: 3.4.7^t 3.4.8^t (~)3.5.6^t{tbz2}[1]
56	> (~)3.6.1^t{tbz2} {amqp caps dbi geoip ipv6 json mongodb pacct +pcre
57	> redis smtp spoof-source ssl systemd tcpd}
58	> Installed versions: 3.5.6^t{tbz2}[1](05:21:52 PM 11/14/2014)(ipv6
59	> json pcre ssl systemd tcpd -amqp -caps -dbi -geoip -mongodb -pacct -
60	> smtp -spoof-source)
61	> Homepage: http://www.balabit.com/network-security/
62	> syslog-ng
63	> Description: syslog replacement with advanced filtering
64	> features
65
66
67	I don't find any info on what the syslog-ng ebuild does with
68	USE=systemd, I suspect it may want to use the fancy logging features
69	built into systemd.
70
71	Since you have it, but don't run it, does USE=-systemd fix the issue?
72
73
74	>
75	> And here are the config files (I've left out the commented lines)
76	>
77	> ================ /etc/syslog-ng/scl.conf =============================
78	> @define scl-root "`syslog-ng-data`/include/scl"
79	> @define include-path "`include-path`:`syslog-ng-data`/include"
80	>
81	> @include 'scl/system/plugin.conf'
82	> @include 'scl/pacct/plugin.conf'
83	> @include 'scl/syslogconf/plugin.conf'
84	>
85	> ================ /etc/syslog-ng/syslog-ng.conf =================
86	> options {
87	> threaded(yes);
88	> chain_hostnames(no);
89	> stats_freq(43200);
90	>
91	> mark_freq(3600);
92	> };
93	>
94	> source src { system(); internal(); };
95	>
96	> destination messages { file("/var/log/messages"); };
97	> destination console_all { file("/dev/tty12"); };
98	> log { source(src); destination(messages); };
99	> log { source(src); destination(console_all); };
100	>
101	>
102	> ================ /etc/conf.d/syslog-ng =================
103	> SYSLOG_NG_OPTS=""
104
105
106	That all looks normal, I don't see anything problematic there
107
108
109	--
110	Alan McKinnon
111	alan.mckinnon@×××××.com

Replies

Subject	Author
Re: [gentoo-user] syslog-ng-3.6.1 nearly no log anymore	Neil Bothwick <neil@××××××××××.uk>

Report Message

Find on MARC Find on Google Groups