Hello, I have a problem concerning unbound (unbound-1.5.3_1), i can't receive any logs even with the native 'syslog', 'rsyslog'(rsyslog8-8.10.0 ) or 'syslog-ng' (syslog-ng35-3.5.6_6). But i can log unbound if i use 'syslogd' to redirect logs in localhost to 'rsyslog'. Here is my configurations: ######## -/etc/syslog.conf: *.* @127.0.0.1:514 ######## -/usr/local/etc/rsyslog.conf: module(load="imudp") input(type="imudp" address="127.0.0.1" port="514") $WorkDirectory /var/spool/rsyslog # where to place spool files $ActionQueueFileName rsyslogclient # unique name prefix for spool files $ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) $ActionQueueSaveOnShutdown on # save messages to disk on shutdown $ActionQueueType LinkedList # run asynchronously $ActionResumeRetryCount -1 # infinety retries if host is down ## Configuration sISlogs $template DynaFile,"/var/log/SISlogs/%programname%/%$YEAR%%$MONTH%%$DAY%_%programname%.log" if $programname startswith 'unbound'and $syslogfacility-text startswith 'daemon' and $syslogseverity-text startswith 'info' then -?DynaFile & ~ ######## -/etc/rc.conf: # RSYSLOG + SYSLOG syslogd_enable="YES" syslogd_flags="-s -n -N" rsyslogd_enable="YES" rsyslogd_pidfile="/var/run/syslog2.pid" ######## -/usr/local/etc/unbound/unbound.conf: server: username: unbound use-syslog: yes log-queries: yes directory: "/usr/local/etc/unbound" chroot: "/usr/local/etc/unbound" pidfile: "/usr/local/etc/unbound/unbound.pid" ... ######## How can i receive unbound logs with only one soft ? ('rsyslog' or 'syslog') Thanks Sébastien
I'm not sure this problem is related to unbound. But try to ask in unbound maillist.
maintainer reset
Request feedback from new maintainer.
Unbound logs always to syslog unless otherwise specified. To separate unbound messages I use in syslog.conf !unbound *.* /var/log/unbound.log and that works fine for years. I agree with Sergey that this is likely a syslog configuration problem. For remote logging on a remote machine I do think your configuration should look like !unbound *.* @remote_machine You can test whether the remote machine accept and process the packets with something like $ logger -h remote_machine -t unbound "Unbound log test" which should work with the standard syslogd. Note that your unbound is old, the current version is 1.6.0 Success!
Can someone close this please? Thanks.