Hello all,
I was able to solve it.
You have to configure completly than the interface comes up
only: udp(); is not enough:
source s_udp
{
udp(port(514));
};
destination d_router {
file("/var/log/router.log");
};
filter f_router {
host("x.x.x.x");
};
log {
source(s_udp);
filter(f_router);
destination(d_router);
};
netstat -an | grep :514
udp 0 0 0.0.0.0:514 0.0.0.0:*
regards
Stefan
----- Ursprüngliche Mail -----
> Von: "Stefan Fuhrmann" <stefan@xxxxxxxxxxxxxxxxxxxx>
> An: arch-general@xxxxxxxxxxxxx
> Gesendet: Dienstag, 1. Juli 2014 11:19:12
> Betreff: [arch-general] syslog-ng not listen on udp or tcp
> Hello all,
> I want to do a syslogserver but dont get it running to listen on udp or tcp.
> Here you can see my tries:
> #source src {
> # system();
> # internal();
> #source s_src { unix-dgram("/dev/log"); internal();
> # file("/proc/kmsg" program_override("kernel"));
> # udp();
> #udp (ip(x.x.x.x) port(514));
> #source src { unix-stream("/dev/log"); internal(); udp(ip(0.0.0.0)
> port(514)); };
> #};
> #source s_network { syslog(ip(x.x.x.x) transport("udp")); };
> source s_network { syslog(ip(x.x.x.x) transport("tcp")); };
> destination clientslogs {
> file("/var/log/pfsense/$YEAR$MONTH$DAY/$HOST.log");
> };
> after restarting syslog and have a look with
> netstat -an | grep :514
> nothing is shown
> What Im doing wrong?
> Can someone help?
> tia
> Stefan
