我刚刚注意到我的 Debian 机器上的日志系统坏了,系统日志是空的,并且没有任何内容添加到系统日志中。
我需要修复此问题,但从哪里开始呢?
什么原因造成这种情况?
syslog-ng 配置似乎很好,并且 syslog-ng 进程正在运行,磁盘未满并且文件夹正确。
/var/log > ps -ef | grep syslog
root 1463 1 0 Aug01 ? 00:00:00 /sbin/mdadm --monitor --pid-file /var/run/mdadm/monitor.pid --daemonise --scan --syslog
root 15495 15482 0 18:06 pts/7 00:00:00 tail -f syslog
root 15729 1 0 18:17 ? 00:00:00 supervising syslog-ng
root 15730 15729 0 18:17 ? 00:00:00 /usr/sbin/syslog-ng -p /var/run/syslog-ng.pid
cat /etc/syslog-ng/syslog-ng.conf
@version: 3.1
#
# Syslog-ng configuration file, compatible with default Debian syslogd
# installation. Originally written by anonymous (I can't find his name)
# Revised, and rewrited by me (SZALAY Attila <[email protected]>)
# First, set some global options.
options { long_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no);
owner("root"); group("adm"); perm(0640); stats_freq(600);
bad_hostname("^gconfd$");
};
########################
# Sources
########################
# This is the default behavior of sysklogd package
# Logs may come from unix stream, but not from another machine.
#
source s_src { unix-dgram("/dev/log"); internal();
file("/proc/kmsg" program_override("kernel"));
};
# If you wish to get logs from remote machine you should uncomment
# this and comment the above source line.
#
#source s_net { tcp(ip(127.0.0.1) port(1000) authentication(required) encrypt(allow)); };
########################
# Destinations
########################
# First some standard logfile
#
destination d_auth { file("/var/log/auth.log"); };
destination d_cron { file("/var/log/cron.log"); };
destination d_daemon { file("/var/log/daemon.log"); };
destination d_kern { file("/var/log/kern.log"); };
destination d_lpr { file("/var/log/lpr.log"); };
destination d_mail { file("/var/log/mail.log"); };
destination d_syslog { file("/var/log/syslog"); };
destination d_user { file("/var/log/user.log"); };
destination d_uucp { file("/var/log/uucp.log"); };
# This files are the log come from the mail subsystem.
#
destination d_mailinfo { file("/var/log/mail/mail.info"); };
destination d_mailwarn { file("/var/log/mail/mail.warn"); };
destination d_mailerr { file("/var/log/mail/mail.err"); };
答案1
似乎出于某种原因,配置文件在 syslog-ng.conf 文件中丢失了过滤器和目标。将文件更改为默认的 dpkg 包文件即可。
感谢所有的建议。