Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
This issue attempts to help debug configuration errors with the Linux
osquery reads syslog logs from
@zwass The steps for debugging syslog table is nice one. I am also facing the same issue but with syslog-ng. In my case syslogs do logged in the file /var/log/osquery/osqueryd.results.log if i use system() in syslog-ng source but not pipe as a source.
Obviously syslogs does not appear in the table syslog. The name pipe has been created and syslog-ng is running as root:adm. Although i have checked with root:root as well.
There is no error in /var/log/syslog as well. I am using Ubuntu 16.10 and not firewall is running.