Results 1 to 3 of 3

Thread: SLES10 syslog-ng and audit.log.

Threaded View

  1. #1

    Question SLES10 syslog-ng and audit.log.

    Good day,

    I am trying to configure syslog-ng to send the audit.log file to a remote server. I always get a permission denied on the file unless i disable apparmor.. I cannot disabler Apparmor since this config need to be put into production.

    Here is my config:

    source s_file {

    destination d_local_audit {
    file ("/var/log/local3.log");

    log {
    source (s_file);

    The local3.log is not getting populated by audit.logs and I cant figure out why. The remote host is not eceiving much either, but it receives some stuff (other logs . I checked with tcpdump -vvvnAXSs 1514 port 514)

    I am willing to try other ways of doing this, like using named pipe, but I am not sure how this work.

    Any help is greatly apreciated.
    Last edited by malarie_01; 17-Aug-2016 at 20:33.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts