On Thu, 24 Jan 2013, Forrest Aldrich wrote:
For various reasons, we have a few central syslog servers that are based on
CentOS 6.3, which ships with rsyslog 5.8.x. Our other systems, based on
CentOS 5.x, have an older version 3 available. It was decided that I would
compile the lot and test it out first.
I've been able to compile it just fine, but for some bizarre reason that I'm
unable to figure out, rsyslog will not log over the network, but only
locally.
The compile flags:
Code:
http://kb.monitorware.com/#
|./configure --prefix=/usr/local --enable-gnutls --disable-testbench
--enable-imfile --enable-impstats --enable-imptcp --enable-mail
--enable-omprog --enable-omuxsock --enable-pmlastmsg
--enable-unlimited-select|
I grabbed these flags from the *.SPEC file of a RHEL SRPM and customized it.
There's a lot we don't need.
I read the manpage, there doesn't appear to be a special flag to set other
than -c 5 to allow for that. The configuration syntax for this is correct:
Code:
http://kb.monitorware.com/#
|local2.* /var/log/mapper/mapper.log
local2.* @@internalhost.ourdomain.com|
The log goes to file no problem, but is not sent to the internalhost -- I
tested this otherwise, this works with the stock, supplied RPM on CentOS 6
(no config changes).
The dev's want to keep the same version around the systems, which I can
appreciate. I installed the RPM for 5.10 which created the need for a
configuration change (I can't remember, but it had to do with using *). So
for now, I would like to solve this little problem.
It's possible we will just roll our own under /usr/local and keep it all
standard -- I would probably go with the latest/greatest version, provided it
didn't create more configuration issues for what the dev's are doing.
I'm stumped as to what the issue could be. Anyone have any ideas?
first off a note that 5.8 is rather old, if you are going to be compiling your
own anyway, consider going to a 6.x or 7.x version.
As for your problem, I would start with network troubleshooting 101
can you ping the destination?
what happens if you try and telnet to that destination on port 514?
does rsyslog log any errors (locally)?
does rsyslog say anything if you start it in debug mode?
what does a tcpdump show is happening on the network?
David Lang
___
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.