Running syslog-ng on Snow Leopard

Last week I switched from Ubuntu to Snow Leopard. The only thing that took me a while to get working was syslog-ng. I normally use it because I like to send the logs from my Java apps to the syslog and deal with them from there. With Ubuntu, I just had to use apt-get and tell the syslog-ng conf file to accept data from UDP (it’s what log4j uses to send data to the syslog). This process was a little bit more tedious on Mac OS.
What I have done is to leave the default system log in place and use syslog-ng just to receive messages from my apps (which will write to local0).
First of all I had to install MacPorts (version 1.9.1). Once that was done, I could install syslog-ng from there by typing a single command:
port install syslog-ng
After the installation process everything seems to be OK, but if you try to run syslog-ng it won’t work (at least with version 3.0.8).
The first error I got was that there was no conf file:

Just renaming the syslog-ng.conf-dist file to syslog-ng.conf will fix this issue but errors will keep coming:

Here we just have to add an @ at the beginning of line zero, in front of the version declaration.
So, change version 3.0 to @version: 3.0
(Note that the ‘:’ has to be added as well)

Once this is done, syslog-ng still won’t start. Now it will give us a warning (and it won’t start due to other errors that I will mention later).

To make the warning disappear, as the message says, we have to change the line:
options { long_hostnames(off); sync(0); };
to
options { long_hostnames(off); flush_lines(0); };

We are not done yet, run the daemon again and:

To fix this, I created a new destination, as the default one seems to be used by the default system log in the OS.
Comment out the line:
destination syslog { file("/var/log/syslog"); };
and add:
destination d_syslog { file("/var/log/syslog.log"); };

After changing the destination we have to make some more changes, otherwise the conf file will be inconsistent and the execution will end up with more errors.
We need to apply the syslog filter to the new destination we have created. We do that by changing:
log { source(src); filter(f_syslog); destination(syslog); };
to
log { source(src); filter(f_syslog); destination(d_syslog); };

What I did at this point was to also modify the syslog-ng filter. By default the f_syslog filter is:
filter f_syslog { not facility(authpriv, mail); };
I changed it to make it filter the messages from local0, which is where I have log4j configured to send the logs:
filter f_syslog { facility(local0); };
Note that this step is not required to get syslog-ng working; it’s just a custom configuration.

The last error I got said that it was not possible to use tty12 (which is used in the default conf):
destination console_all { file("/dev/tty12"); };
So I just changed it to ‘console’:
destination console_all { file("/dev/console"); };

Now we can properly start the log system by typing:
syslog-ng
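
A quick way to check the facility(local0) filter once the daemon is up, as an added example that is not part of the original post: it builds BSD-syslog (RFC 3164) datagrams the way a UDP sender does and sends one local0 and one user message. It assumes syslog-ng has a UDP source listening on 127.0.0.1 port 514 (the post does not show that source definition); the function names are made up for this example.

```python
import socket
import time

# Facility and severity codes from RFC 3164; local0 is what f_syslog keeps.
FACILITIES = {"kern": 0, "user": 1, "mail": 2, "daemon": 3, "auth": 4,
              "authpriv": 10, "local0": 16}
SEVERITIES = {"emerg": 0, "alert": 1, "crit": 2, "err": 3,
              "warning": 4, "notice": 5, "info": 6, "debug": 7}


def build_packet(facility, severity, tag, text, host="localhost", now=None):
    """Return one BSD-syslog datagram: <PRI>timestamp host tag: text."""
    pri = FACILITIES[facility] * 8 + SEVERITIES[severity]
    t = time.localtime(now)
    # RFC 3164 pads the day of month with a space, not a zero.
    stamp = f"{time.strftime('%b', t)} {t.tm_mday:2d} {time.strftime('%H:%M:%S', t)}"
    return f"<{pri}>{stamp} {host} {tag}: {text}".encode("utf-8")


def decode_pri(packet):
    """Split the leading <PRI> back into (facility, severity) names."""
    if not packet.startswith(b"<"):
        raise ValueError("datagram has no <PRI> header")
    pri = int(packet[1:packet.index(b">")])
    fac = {v: k for k, v in FACILITIES.items()}.get(pri // 8, str(pri // 8))
    sev = {v: k for k, v in SEVERITIES.items()}[pri % 8]
    return fac, sev


def matches_f_syslog(packet):
    """Mirror of the post's filter: f_syslog { facility(local0); }."""
    return decode_pri(packet)[0] == "local0"


def send_probes(addr=("127.0.0.1", 514)):  # assumed UDP source address
    """Send a local0 and a user datagram; only the first should be logged."""
    probes = [
        build_packet("local0", "info", "probe", "expected in /var/log/syslog.log"),
        build_packet("user", "info", "probe", "expected to be filtered out"),
    ]
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        for datagram in probes:
            sock.sendto(datagram, addr)
    return probes


if __name__ == "__main__":
    for datagram in send_probes():
        print(matches_f_syslog(datagram), datagram.decode())
```

After running it, only the local0 probe should appear in /var/log/syslog.log. Binding the UDP source to the loopback address keeps other hosts on the network from writing into this log.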
