The syslog-ng Administrator Guide

Document version: 1.1.4
Release date: July 23, 2008
Latest version available at the BalaBit Documentation Page

7.4. Replacing klogd on Linux

The syslog-ng application can replace both the syslogd and klogd daemons on Linux hosts. To replace klogd, complete the following steps:

Procedure 7.3. Replacing klogd on Linux

  1. Add a file source pointing to /proc/kmsg to the syslog-ng configuration file.

                          source s_kmsg { file("/proc/kmsg"); };
    [Warning] Warning

    Do not use a pipe source to read /proc/kmsg; pipe opens the source in read-write mode and this may cause problems when using SELinux or similar security measures.

  2. Include the source defined in Step 1 in a log path.

  3. Stop klogd.

    [Warning] Warning

    Do not run klogd and syslog-ng simultaneously when using syslog-ng to read /proc/kmsg, as it might block syslog-ng.

© 2007-2008 BalaBit IT Security
Please send your comments or documentation bugs to: documentation@balabit.com

Prev  Up  Next
7.3. Collecting logs from chroot  Home | Contents  7.5. A note on timezones and timestamps