Hey, I wonder if anyone here has any experience with syslog-ng and can point out the error of my ways.
Trying to get multiple network sources going to a syslog-ng server I have setup and I already have it working for our Cisco ASA as well as one (dev) webserver.
Here is what I have already. The first source gets all events from our firewall.
The second one (s_digopsdev) gets syslog and httpd (access_log and error_log) from a server our devs use for staging.
These two work.
Code:
source s_net {udp(ip("0.0.0.0") port(514)); };
source s_digopsdev { tcp(); };
source s_assets { tcp(ip(192.168.105.34) port(1000)); };
The third, s_assets, is set up to collect httpd logs (same as for the dev box), but every time I go to restart service syslog-ng it fails.
I'm positive my destination and log parameters are correct.
I probably haven't posted in this forum in 5 years or so (I can't remember really) you guys were always awesome and never let me down before.
Thanks!!