Chatee ahora con Soporte
Chat con el soporte

syslog-ng Premium Edition 6.0.21 - Administration Guide

Preface Chapter 1. Introduction to syslog-ng Chapter 2. The concepts of syslog-ng Chapter 3. Installing syslog-ng Chapter 4. The syslog-ng PE quick-start guide Chapter 5. The syslog-ng PE configuration file Chapter 6. Collecting log messages — sources and source drivers Chapter 7. Sending and storing log messages — destinations and destination drivers Chapter 8. Routing messages: log paths, reliability, and filters Chapter 9. Global options of syslog-ng PE Chapter 10. TLS-encrypted message transfer Chapter 12.  Reliable Log Transfer Protocol™ Chapter 13. Reliability and minimizing the loss of log messages Chapter 14. Manipulating messages Chapter 15. Parsing and segmenting structured messages Chapter 16. Processing message content with a pattern database Chapter 17. Statistics and metrics of syslog-ng Chapter 18. Multithreading and scaling in syslog-ng PE Chapter 19. Troubleshooting syslog-ng Chapter 20. Best practices and examples

syslog-ng-ctl

Name

syslog-ng-ctl — Display message statistics and enable verbose and debug modes in syslog-ng Premium Edition

Synopsis

syslog-ng-ctl [command] [options]

Description

NOTE: The syslog-ng-ctl application is distributed with the syslog-ng Premium Edition system logging application, and is usually part of the syslog-ng package. The latest version of the syslog-ng application is available at the syslog-ng page.

This manual page is only an abstract, for the complete documentation of syslog-ng, see the syslog-ng Documentation page.

The syslog-ng-ctl application is a utility that can be used to:

  • enable/disable various syslog-ng messages for troubleshooting

  • display statistics about the processed messages

  • reload the configuration of syslog-ng PE

  • stop syslog-ng PE.

Enabling troubleshooting messages

command [options]

Use the syslog-ng-ctl <command> --set=on command to display verbose or debug messages. If you are trying to solve configuration problems, the verbose messages are usually sufficient. Debug messages are needed mostly for finding software errors. After solving the problem, do not forget to turn these messages off using the syslog-ng-ctl <command> --set=off. Note that enabling debug messages does not enable verbose messages.

Use syslog-ng-ctl <command> without any parameters to display whether the particular type of messages are enabled or not.

If you need to use a non-standard control socket to access syslog-ng, use the syslog-ng-ctl <command> --set=on --control=<socket> command to specify the socket to use.

verbose

Print verbose messages. If syslog-ng was started with the --stderr or -e option, the messages will be sent to stderr. If not specified, syslog-ng will log such messages to its internal source.

debug

Print debug messages. If syslog-ng was started with the --stderr or -e option, the messages will be sent to stderr. If not specified, syslog-ng will log such messages to its internal source.

Example:

syslog-ng-ctl verbose --set=on

The stats command

stats [options]

Use the stats command to display statistics about the processed messages. For details about the displayed statistics, see the syslog-ng Documentation page. The stats command has the following options:

--control=<socket> or -c

Specify the socket to use to access syslog-ng. Only needed when using a non-standard socket.

--reset=<socket> or -r

Reset all statistics to zero, except for the stored counters. (The stored counters show the number of messages stored in the message queue of the destination driver, waiting to be sent to the destination.)

Example:

syslog-ng-ctl stats

An example output:

src.internal;s_all#0;;a;processed;6445
src.internal;s_all#0;;a;stamp;1268989330
destination;df_auth;;a;processed;404
destination;df_news_dot_notice;;a;processed;0
destination;df_news_dot_err;;a;processed;0
destination;d_ssb;;a;processed;7128
destination;df_uucp;;a;processed;0
source;s_all;;a;processed;7128
destination;df_mail;;a;processed;0
destination;df_user;;a;processed;1
destination;df_daemon;;a;processed;1
destination;df_debug;;a;processed;15
destination;df_messages;;a;processed;54
destination;dp_xconsole;;a;processed;671
dst.tcp;d_network#0;10.50.0.111:514;a;dropped;5080
dst.tcp;d_network#0;10.50.0.111:514;a;processed;7128
dst.tcp;d_network#0;10.50.0.111:514;a;stored;2048
destination;df_syslog;;a;processed;6724
destination;df_facility_dot_warn;;a;processed;0
destination;df_news_dot_crit;;a;processed;0
destination;df_lpr;;a;processed;0
destination;du_all;;a;processed;0
destination;df_facility_dot_info;;a;processed;0
center;;received;a;processed;0
destination;df_kern;;a;processed;70
center;;queued;a;processed;0
destination;df_facility_dot_err;;a;processed;0

Displaying license-related information

syslog-ng-ctl show-license-info [options]

The syslog-ng PE application uses a license in server mode to determine the maximum number of hosts that are allowed to connect. Use the syslog-ng-ctl show-license-info command to display license-related information the number of hosts currently logging to your server. This helps you to plan your capacity, to check your license usage, and to detect client misconfiguration that can result in a license miscount anomaly. Note that in client or relay mode, syslog-ng PE does not require a license.

The syslog-ng-ctl show-license-info command displays the following information. In case of an unlimited license, or in client or relay mode, only the license type is displayed:

  • License Type: none, limited, unlimited

  • Host Limit: the maximum number of hosts that are allowed to connect.

  • Currently Used Slots: the number of currently used host slots

  • Usage: the percent of used host slots

  • Licensed Clients: the list of hostnames that are stored in the license module

The syslog-ng-ctl show-license-info command has the following options:

--json or -J

Print license-related information in JSON format.

Example:

syslog-ng-ctl show-license-info

An example output:

License-Type: limited
Host-Limit: 10
Currently-Used-Slots: 7
Usage: 70%
Licensed-Clients:
    192.168.0.1
    192.168.0.2
    192.168.0.3
    192.168.1.4
    192.168.1.5

Example:

syslog-ng-ctl show-license-info --json

An example output:

{
    "license_type": "limited",
    "host_limit": 10,
    "currently_used_slots": 7,
    "usage": "70%",
    "licensed_clients": [
        "xy.testdomain",
        "testhost",
        "192.168.0.3",
        "test_host",
        "192.168.1.5"
    ]
}

Example:

syslog-ng-ctl show-license-info

in case of an unlimited license

An example output:

$ syslog-ng-ctl show-license-info
License-Type: unlimited

Example:

syslog-ng-ctl show-license-info

if syslog-ng PE is in client or relay mode

An example output:

$ syslog-ng-ctl show-license-info
License-Type: none

Reloading the configuration

syslog-ng-ctl reload [options]

Use the syslog-ng-ctl reload command to reload the configuration file of syslog-ng PE without having to restart the syslog-ng PE application. The syslog-ng-ctl reload works like a SIGHUP (-1).

Stopping syslog-ng PE

syslog-ng-ctl stop [options]

Use the syslog-ng-ctl stop command to stop the syslog-ng PE application. The syslog-ng-ctl stop works like a SIGHUP (-15) on Linux and Unix systems.

Files

/opt/syslog-ng/sbin/syslog-ng-ctl

See also

The syslog-ng Documentation page

syslog-ng.conf(5)

syslog-ng(8)

NOTE:

For the detailed documentation of syslog-ng PE see the syslog-ng Documentation page

If you experience any problems or need help with syslog-ng, visit the syslog-ng FAQ or the syslog-ng mailing list.

For news and notifications about of syslog-ng, visit the syslog-ng Blog.

Author

This manual page was written by the One Identity Documentation Team <documentation@balabit.com>.

Copyright

Copyright© 2000-2018One Identity. Published under the Creative Commons Attribution-Noncommercial-No Derivative Works (by-nc-nd) 3.0 license. For details, see https://creativecommons.org//. The latest version is always available at the syslog-ng Documentation page.

Documentos relacionados

The document was helpful.

Seleccionar calificación

I easily found the information I needed.

Seleccionar calificación