You are not logged in.

Pages: 1

#1 2014-12-16 23:20:47

foppe
Member
Registered: 2011-04-02
Posts: 47

[Solved] Postfix + syslog-ng: missing syslog_name

Something happened on my server on Dec 8th. I suspect the update from syslog-ng on Dec 3td, but it might just as well be something different.
The issue is that syslog-ng doesn' t output the postfix -> syslog_name in the logs (mail.log). A typical line in mail.log looks like:

Dec 17 00:09:02 sojoez smtp[28412]: A4D6B153063: to=<xxx@yyy>, [...]

The weird thing is that journalctl outputs the correct line as 

dec 17 00:09:02 sojoez postfix/smtp[28412]: A4D6B153063: to=<xxx@yyy>, [...]

The difference is the missing postfix, which should be there (as is the case of logs from before Dec 8th.) While investigating the issue I explicitly set 

syslog_name=postfix

in postfix/main,.cf but that didn ' t chane anything. Also I experimented with 

ForwardToSyslog=no

in /etc/systemd/journald.conf, also without luck.

After Dec 8th I have issues with certain configurations of pflogsumm, which keeps stats on sent and received mail. In this forum there is a recent post about a user having issues with Mailgraph, perhaps related to this very issue.

Last edited by foppe (2015-01-08 08:39:44)

Offline

#2 2014-12-28 15:17:18

maroid
Member
Registered: 2013-05-11
Posts: 14

Re: [Solved] Postfix + syslog-ng: missing syslog_name

Confirmed.

I am still looking for a workaround at least but without luck sad

//Edit: Trying to downgrade currently. I'd appreciate any tips (it's kinda urgent for me)


//Edit2: I have no more time for this. Therefore a quick&dirty workaround for pflogsumm:

diff /usr/bin/pflogsumm plfogsumm-fix wrote:

576c576,577
< my $syslogName = $opts{'syslogName'}? $opts{'syslogName'} : "postfix";
---
> #my $syslogName = $opts{'syslogName'}? $opts{'syslogName'} : "postfix";
> my $syslogName = "";
639c640
<     unless((($cmd, $qid) = $logRmdr =~ m#^(?:postfix|$syslogName)/([^\[:]*).*?: ([^:\s]+)#o) == 2 ||
---
>     unless((($cmd, $qid) = $logRmdr =~ m#^(?:postfix/|$syslogName)([^\[:]*).*?: ([^:\s]+)#o) == 2 ||

Last edited by maroid (2014-12-28 16:50:55)

Offline

#3 2015-01-08 08:39:26

foppe
Member
Registered: 2011-04-02
Posts: 47

Re: [Solved] Postfix + syslog-ng: missing syslog_name

This one fixed itself yesterday with the latest release of syslog-ng. Marking [SOLVED] .

Offline

Pages: 1

Board footer

Powered by FluxBB