Syslog -ng not writing to directory var/log/syslog...

sifmad23 · ‎01-30-2021

One of our servers is forwarding fine however the files aren't being written to var/log/syslog/remote. I am new to Splunk so any assistance would be appreciated.

isoutamo · ‎01-31-2021

That file has written by syslog-ng not splunk. You could find more information how to change and administer syslog-ng e.g. https://www.syslog-ng.com/technical-documents/doc/syslog-ng-open-source-edition/3.22/administration-...

r. Ismo

sifmad23 · ‎02-04-2021

Currently still experiencing the issue, tried the following:

- checked to see if SE Linux running in permissive mode would resolve the issue nothing

-not a disk space issue

-system for local collection is running under root account

- have identical settings on other server in different location and logs are being written.

any advice or suggestions would be appreciated.

Syslog -ng not writing to directory var/log/syslog/remote

Linux

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future

Join the Conversation