Hi Splunk Community,
We are testing forwarding syslog traffic to a syslog-ng server so we can forward those events with a Splunk Forwarder running on the same host.
We can't get syslog-ng (running as root) to write to a mounted ext3 partition. This is a CentOS 7 VM. The syslog-ng process can write anywhere in / except the mount.
After over an hour on google, still no fix. Have tried a few things with permissions- but root owns the directory and has full permissions to it.
Thanks for any ideas!
↧