%20%E7%9B%AE%E7%9A%84%E5%9C%B0%E4%B8%8D%E5%96%9C%E6%AC%A2%20Transport(%22tcp%22).png)
我已将syslog-ngv3.5.6 安装到Debian GNU/Linux 8.7 (jessie):
# syslog-ng --version
syslog-ng 3.5.6
Installer-Version: 3.5.6
Revision: 3.5.6-2+b1 [@416d315] (Debian/unstable)
Compile-Date: Oct 1 2014 18:23:11
Available-Modules: confgen,basicfuncs,afstomp,afsocket-tls,csvparser,syslogformat,affile,cryptofuncs,redis,afsql,afsmtp,afsocket-notls,afamqp,afprog,afsocket,system-source,dbparser,json-plugin,afmongodb,linux-kmsg-format,tfgeoip,afuser
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-IPv6: on
Enable-Spoof-Source: on
Enable-TCP-Wrapper: on
Enable-Linux-Caps: on
Enable-Pcre: on
现在尝试配置网络目标:
destination d_netsrv {
network(
transport("tcp")
ip-protocol(4) ip(10.3.2.1) port(601)
so-keepalive(yes) keep-alive(yes)
flags(syslog-protocol)
);
};
但syslog-ng不喜欢运输()选项:
# syslog-ng --syntax-only
Error parsing afsocket, syntax error, unexpected KW_TRANSPORT, expecting LL_IDENTIFIER or LL_STRING in /etc/syslog-ng/syslog-ng.conf at line 53, column 5:
transport("tcp")
^^^^^^^^^
syslog-ng documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
mailing list: https://lists.balabit.hu/mailman/listinfo/syslog-ng
有任何想法吗?
答案1
尝试
destination d_netsrv {
network( "10.3.2.1" port(601) transport(tcp) so-keepalive(yes) keep-alive(yes) flags(syslog-protocol)
);
};
或者如果它不起作用:
destination d_netsrv {
network( "10.3.2.1" port(601) transport(tcp) flags(syslog-protocol) );
};
目标地址没有ip(),您不需要,ip-protocol(4)因为它是默认的。