DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Packages and Ports

OpenBSD Packages and Ports Installation and upgrading of packages and ports on OpenBSD.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 21st November 2017
cbuckingh cbuckingh is offline
Real Name: Buckingham
New User
 
Join Date: Nov 2017
Location: UK
Posts: 5
Default syslog-ng running but not writing logs

Hello forum members,

Am having a bit of trouble getting syslog-ng 3.9.1 to write log files on OpenBSD 6.2. The O/S was installed from scratch, then syslog-ng, then BIND. No other packages except syslog-ng and BIND dependencies have been installed. No binaries or libs from BIND conflict or replace any from the syslog-ng installation.

The configuration was copied over from another OpenBSD system running an older syslog-ng. The required changes to the .conf file were made so that syslog-ng with supervisor starts and remains running. By killing the syslog-ng process I was able to test that the supervisor process restarts syslog-ng. The rc.d script starts, stops and restarts syslog-ng as expected. /usr/local/sbin/syslog-ng -s returns no errors, indicating that the config file is sane. In /var/log the only thing it writes are kernel and syslog-ng start/stop messages.

In an effort to find the problem, a stub syslog-ng.conf file was created with the following contents:
Code:
@version: 3.9.1
source s_local {
        unix-dgram("/dev/log");
        file("/dev/klog" program_override("kernel: "));
        internal();
        };
#
destination catchall { file(/var/log/catchall); };
log { source(s_local);  destination(catchall);  };
The permissions and ownership on /var, /var/log, /var/run, and /etc are correct according to /etc/mtree/special. Syslog-ng starts so that it retains root permissions (default) and creates /dev/log if it does not exist. My syslog_ng_flags are:
Code:
"-R /var/run/syslog_ng.persist -c /var/run/syslog_ng.ctl -p /var/run/syslog_ng.pid"
The output of syslog-ng -V is:
Code:
syslog-ng 3.9.1
Installer-Version: 3.9.1
Revision:
Module-Directory: /usr/local/lib/syslog-ng
Module-Path: /usr/local/lib/syslog-ng
Available-Modules: affile,afprog,afsocket,afsql,afuser,basicfuncs,cef,confgen,cryptofuncs,csvparser,curl,date,dbparser,disk-buffer,geoip-plugin,graphite,kvformat,linux-kmsg-format,pseudofile,system-source,add-contextual-data,json-plugin,syslogformat
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-IPv6: on
Enable-Spoof-Source: off
Enable-TCP-Wrapper: off
Enable-Linux-Caps: off
On my hunt I foud a message on NARKIVE where a user was having the same problem with syslog-ng 3.6 on OpenBSD 5.9, there was no solution. There was a reply saying: "With the changes in 5.6 using sendsyslog(2), only syslogd picks up local syslog. Search the openbsd-ports list for syslog-ng to see some comments on it.". A further search turned up nothing. This begs the question: Is this the same problem and if so, how did this package make it onto the official OpenBSD package mirror-sites?

Many thanks in advance.
CB
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenBSD 5.2 & Syslog-ng CyberJet OpenBSD Installation and Upgrading 22 31st January 2019 08:22 PM
wierd logs in pf kondziq FreeBSD Security 6 19th June 2010 04:27 PM
Syslog-ng Monitor plexter OpenBSD Packages and Ports 8 5th February 2010 09:38 PM
tftp logs syrushcw FreeBSD General 1 25th June 2008 04:06 PM
How do I get network logs? Johnny2Bad FreeBSD General 2 22nd May 2008 05:37 PM


All times are GMT. The time now is 02:39 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick