| Main Archive Page > Month Archives > syslog-ng-users archives |
Re: [syslog-ng] Syslog-ng on Solaris 9 problem
From: Elgin Lorenz <lorenz_at_nospam>Date: Thu Oct 21 2010 - 11:51:22 GMT
To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu>
Matthew Hall wrote:
> On Wed, Oct 20, 2010 at 01:40:44PM +0200, Elgin Lorenz wrote:
>> Thank you for your reply.
>>
>> I'm sorry I forgot to mention its syslog-ng-3.0.4.
>>
>> I tried the option you suggestet.
>> It changed the "last message repeated" log entry, this one is correct
>> now.
>> The "kernel: kernel: " entry is still wrong.
>>
>> The source driver looks like this:
>>
>> source s_udp { udp (ip(xxx.xxx.xxx.xxx) port(xxx)
>> flags(store-legacy-msghdr)); };
>>
>> Any other ideas?
>
> Could it be you need the same flag set on your other source for the
> kernel?
>
Thank you for your reply.
I'm afraid I don't know exactly what you mean.
There is only one source driver for remote sources, it is the above
mentioned.
The only other source driver is the sun-streams driver for Solaris
messages:
source s_sys { sun-streams ("/dev/log" door("/etc/.syslog_door"));
internal(); };
It seems to work correctly for all messages.
Anyway I tried the flag option with this driver, but is doesn't seem to
accept it, I always get a syntax error.
Kind regards,
Elgin Lorenz
-- Elgin Lorenz BTU Cottbus Universitaetsrechenzentrum Tel. 0355 693573 E-Mail lorenz@tu-cottbus.de
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.campin.net/syslog-ng/faq.html