[Logwatch] logwatch syslog_ng friendly??

Systems Administrator sysadmin@sunet.com.au
Mon, 17 Mar 2003 09:19:36 +1100


> Thanks so much for your reply.  I'm afraid
> my experience has not been that syslog_ng
> and syslog have the same /var/log/messages.
> I dunno why you get the same format...
>
> The whole reason for my talking to you is
> because Logcheck was having problems when
> I switched to syslog_ng.
>
> Maybe logwatch works differently than
> logcheck so both syslog and syslog_ng
> formats will work fine with it.
>
> Perhaps you mean they are different formats
> but LogWatch is unaffected nevertheless?


    Well, the one thing I know for certain is that I'm using the two of them
together :).  I'm having syslog-ng do the multiple hosts thing (ie. logging
8 or so hosts to the one logging machine) with stunnel.

    I'm using the version of syslog-ng that comes in the
syslog-ng-1.4.10-1mdk RPM (which works fine with Redhat).  Could you paste
in a sample of the log file you're having trouble with, and I'll tell you if
it looks like what I have.

    :)


Tim Nelson
Systems Administrator
Sunet Internet
Tel:  +61 3 5241 1155
Fax: +61 3 5241 6187
Web: http://www.sunet.com.au/
Email: sysadmin@sunet.com.au