Hi guys, After 31st March our rsyslog v8.4.2 Solaris 11 servers stopped processing lots of messages. I think we had a network change but do not yet know what.
Tcpdump showed the test message arrived, # tcpdump -s 0 -A -vvv port 514 |grep sdfasdfsa dropped privs to nobody tcpdump: listening on ipmp0, link-type IPNET (Solaris ipnet), capture size 262144 bytes .KB.....78 <13>Apr 23 15:01:54 be-s0784-z1a emerg.info: [ID 702911 user.notice] sdfasdfsa 46 packets captured But the log file for this server remains empty. The rsyslog client sent the message over TCP with, *.info @@(o)sysl1:514 *.info @@(o)sysl2:514 Could this be a routing issue? Or something else. Best wishes, Sophie Team mailbox : [email protected] or direct [email protected] This message and any attachments (the "message") is intended solely for the intended addressees and is confidential. If you receive this message in error,or are not the intended recipient(s), please delete it and any copies from your systems and immediately notify the sender. Any unauthorized view, use that does not comply with its purpose, dissemination or disclosure, either whole or partial, is prohibited. Since the internet cannot guarantee the integrity of this message which may not be reliable, BNP PARIBAS (and its subsidiaries) shall not be liable for the message if modified, changed or falsified. Do not print this message unless it is necessary, consider the environment. ---------------------------------------------------------------------------------------------------------------------------------- Ce message et toutes les pieces jointes (ci-apres le "message") sont etablis a l'intention exclusive de ses destinataires et sont confidentiels. Si vous recevez ce message par erreur ou s'il ne vous est pas destine, merci de le detruire ainsi que toute copie de votre systeme et d'en avertir immediatement l'expediteur. Toute lecture non autorisee, toute utilisation de ce message qui n'est pas conforme a sa destination, toute diffusion ou toute publication, totale ou partielle, est interdite. L'Internet ne permettant pas d'assurer l'integrite de ce message electronique susceptible d'alteration, BNP Paribas (et ses filiales) decline(nt) toute responsabilite au titre de ce message dans l'hypothese ou il aurait ete modifie, deforme ou falsifie. N'imprimez ce message que si necessaire, pensez a l'environnement. _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
