[SOLVED] syslog-ng not logging when run as a service

Heikete · 2014-09-28 21:53:45

I need to see logs from a program that logs using

#include <syslog.h>
...
openlog("name",LOG_PID,LOG_DAEMON);
syslog(LOG_NOTICE, "Service started...");

I installed and enabled syslog-ng, however I output appears in /var/log/daemon.log only if I run
syslog-ng from commandline: syslog-ng -Fved

If I run: systemctl start syslog-ng, in /var/log/daemon.log I have only information of syslog-ng daemon and nothing more.

my syslog-ng.conf:

@version: 3.5
#
# /etc/syslog-ng.conf
#

options {
  stats_freq (0);
  flush_lines (0);
  time_reopen (10);
  log_fifo_size (1000);
  chain_hostnames(off);
  use_dns (no);
  use_fqdn (no);
  create_dirs (no);
  keep_hostname (yes);
  perm(0640);
  group("log");
  owner("root");
};

source src {
  unix-dgram("/dev/log");
  internal();
  file("/proc/kmsg" program-override("kernel") flags(kernel));
};

destination d_authlog { file("/var/log/auth.log"); };
destination d_syslog { file("/var/log/syslog.log"); };
destination d_cron { file("/var/log/crond.log"); };
destination d_daemon { file("/var/log/daemon.log"); };
destination d_kernel { file("/var/log/kernel.log"); };
destination d_lpr { file("/var/log/lpr.log"); };
destination d_user { file("/var/log/user.log"); };
destination d_uucp { file("/var/log/uucp.log"); };
destination d_mail { file("/var/log/mail.log"); };
destination d_ppp { file("/var/log/ppp.log"); };
destination d_debug { file("/var/log/debug.log"); };
destination d_messages { file("/var/log/messages.log"); };
destination d_errors { file("/var/log/errors.log"); };
destination d_everything { file("/var/log/everything.log"); };
destination d_acpid { file("/var/log/acpid.log"); };
destination d_console { usertty("root"); };
destination console_all { file("/dev/tty12"); };


filter f_auth { facility(auth); };
filter f_authpriv { facility(auth, authpriv); };
filter f_syslog { program(syslog-ng); };
filter f_cron { facility(cron); };
filter f_daemon { facility(daemon); };
filter f_kernel { facility(kern); };
filter f_lpr { facility(lpr); };
filter f_mail { facility(mail); };
filter f_user { facility(user); };
filter f_uucp { facility(cron); };
filter f_ppp { facility(local2); };
filter f_debug { not facility(auth, authpriv, mail); };
filter f_messages { level(info..warn) and not facility(auth, authpriv, mail); };
filter f_everything { level(debug..emerg) and not facility(auth, authpriv); };
filter f_emergency { level(emerg); };
filter f_info { level(info); };
filter f_notice { level(notice); };
filter f_warn { level(warn); };
filter f_crit { level(crit); };
filter f_err { level(err); };
filter f_acpid { program("acpid"); };

log { source(src); filter(f_acpid); destination(d_acpid); };
log { source(src); filter(f_authpriv); destination(d_authlog); };
log { source(src); filter(f_syslog); destination(d_syslog); };
log { source(src); filter(f_cron); destination(d_cron); };
log { source(src); filter(f_daemon); destination(d_daemon); };
log { source(src); filter(f_kernel); destination(d_kernel); };
log { source(src); filter(f_lpr); destination(d_lpr); };
log { source(src); filter(f_mail); destination(d_mail); };
log { source(src); filter(f_ppp); destination(d_ppp); };
log { source(src); filter(f_user); destination(d_user); };
log { source(src); filter(f_uucp); destination(d_uucp); };
log { source(src); filter(f_messages); destination(d_messages); };
log { source(src); filter(f_err); destination(d_errors); };
log { source(src); filter(f_emergency); destination(d_console); };
log { source(src); filter(f_everything); destination(d_everything); };

# Log everything to vc12
log { source(src); destination(console_all); };

What is different when I start syslog-ng from console and using service? Is there another config file?

Last edited by Heikete (2014-09-29 13:30:12)

karol · 2014-09-29 00:34:19

https://wiki.archlinux.org/index.php/Syslog-ng

As of systemd 216, messages are no longer forwarded to syslog by default. To re-enable this, edit /etc/systemd/journald.conf as root, and change #ForwardToSyslog=no to ForwardToSyslog=yes.

I have no idea if it's related to your issue, but try enabling forwarding to syslog and reboot.

Heikete · 2014-09-29 13:29:04

Yes, and there's another options family: MaxLevel*
After I uncommented forwarding and Maxlevel, the logs are flowing smoothly.

[Journal]
#Storage=auto
#Compress=yes
#Seal=yes
#SplitMode=uid
#SyncIntervalSec=5m
#RateLimitInterval=30s
#RateLimitBurst=1000
#SystemMaxUse=
#SystemKeepFree=
#SystemMaxFileSize=
#RuntimeMaxUse=
#RuntimeKeepFree=
#RuntimeMaxFileSize=
#MaxRetentionSec=
#MaxFileSec=1month
ForwardToSyslog=yes
ForwardToKMsg=yes
#ForwardToConsole=yes
#ForwardToWall=yes
#TTYPath=/dev/console
MaxLevelStore=debug
MaxLevelSyslog=debug
MaxLevelKMsg=notice
#MaxLevelConsole=info
#MaxLevelWall=emerg

Arch Linux

#1 2014-09-28 21:53:45

[SOLVED] syslog-ng not logging when run as a service

#2 2014-09-29 00:34:19

Re: [SOLVED] syslog-ng not logging when run as a service

#3 2014-09-29 13:29:04

Re: [SOLVED] syslog-ng not logging when run as a service

Board footer