Hey guys, I've been trying to use flume-ng (build in trunk) to read syslogs through tcp then write to a flat file, as seen in this configuration:
# Source, sink, and channel name below syslog-agent.channels = rmc syslog-agent.sources = syslog syslog-agent.sinks = flat # Configure channels syslog-agent.channels.rmc.type = memory # Configure sources syslog-agent.sources.syslog.type = syslogTcp syslog-agent.sources.syslog.port = 5140 syslog-agent.sources.syslog.host = 172.17.1.92 syslog-agent.sources.syslog.channels = rmc # Configure sinks syslog-agent.sinks.flat.type = FILE_ROLL syslog-agent.sinks.flat.directory = /Users/ykim/Desktop/test syslog-agent.sinks.flat.rollInterval = 0 syslog-agent.sinks.flat.channels = rmc After a bit of wrangling with rsyslog configurations, it appeared as if rsyslog wasn't sending any packets. However, I decided to try out flume-og with a simple dump syslogTcp, and it correctly reads the syslog. At this point, I'm a bit lost and not sure what else to look at. Hopefully, someone on here can shed some light on what could be wrong. Thanks, Young Kim
