Syslog ng docker容器不'；端口514上是否不接受TCP连接？_Docker_Logging_Networking_Tcp_Syslog Ng

Syslog ng docker容器不'；端口514上是否不接受TCP连接？

docker logging networking tcp

Syslog ng docker容器不'；端口514上是否不接受TCP连接？,docker,logging,networking,tcp,syslog-ng,Docker,Logging,Networking,Tcp,Syslog Ng,很抱歉我写得不好，但这是我的第一个问题因此，这里的情况是，我有一个syslog ng版本3.24自定义容器，基于Ubuntu:18.04映像，它应该接受TCP中端口514上的连接，然后将日志保存在一个名为“logs.txt”的文件中。这里的问题是文件中的日志都是这样的： --这是logs.txt文件的输出 2019-11-27T19:49:10+01:00 ip-client syslog-ng[8012]: EOF occurred while idle; fd='8' 2019-11-2

很抱歉我写得不好，但这是我的第一个问题

因此，这里的情况是，我有一个syslog ng版本3.24自定义容器，基于Ubuntu:18.04映像，它应该接受TCP中端口514上的连接，然后将日志保存在一个名为“logs.txt”的文件中。这里的问题是文件中的日志都是这样的：

--这是logs.txt文件的输出

2019-11-27T19:49:10+01:00 ip-client syslog-ng[8012]: EOF occurred while idle; fd='8'

2019-11-27T19:49:10+01:00 ip-client syslog-ng[8012]: Syslog connection broken; fd='8', server='AF_INET(ip-server:514)', time_reopen='10'

2019-11-27T19:49:20+01:00 ip-client syslog-ng[8012]: Syslog connection failed; fd='8', server='AF_INET(ip-server :514)', error='Connection refused (111)', time_reopen='10'

2019-11-27T19:49:30+01:00 ip-client syslog-ng[8012]: Syslog connection failed; fd='8', server='AF_INET(ip-server:514)', error='Connection refused (111)', time_reopen='10'

2019-11-27T19:50:01+01:00 ip-client systemd[1]: Started Session 1540 of user root.

我的syslog-ng.conf配置文件如下：

    @version:3.24
    @include "scl.conf"

    options {
     ts_format(iso);
     use-dns(no);
    };

source u_net {
    syslog(
        ip("0.0.0.0") port(514)
        transport("tcp")
);
};
destination d_file{
file("logs.txt");
};

log {
source(u_net);
destination(d_file);
};

注意：客户端发送的日志与服务器使用的syslog（）驱动程序相同，因此这不是使用错误驱动程序的问题

客户端试图用TCP发送日志，但在我看来，服务器出于某种奇怪的原因正在转储日志？有什么不对劲吗？对不起，如果信息太少的话

编辑：我将输出端口更改为601，但输出文件看起来相同。此外，我还从其他设施（如cron、ecc）接收消息，如下所示：

    {"tags":".classifier.unknown,.source.u_net","msg":"syslog-ng starting up; version='3.5.6'","host":"ip-client","date":"1575040790"}
{"tags":".classifier.unknown,.source.u_net","msg":"Starting System Logger Daemon...","host":"ip-client","date":"1575040790"}
{"tags":".classifier.unknown,.source.u_net","msg":"Started System Logger Daemon.","host":"ip-client","date":"1575040790"}
{"tags":".classifier.unknown,.source.u_net","msg":"Unregistered Authentication Agent for unix-process:995:94462382 (system bus name :1.4031, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)","host":"ip-client","date":"1575040790"}
{"tags":".classifier.unknown,.source.u_net","msg":"Started Session 1867 of user root.","host":"ip-client","date":"1575040801"}
{"tags":".classifier.unknown,.source.u_net","msg":"Starting Session 1867 of user root.","host":"ip-client","date":"1575040801"}
{"tags":".classifier.unknown,.source.u_net","msg":"(root) CMD (/usr/lib64/sa/sa1 1 1)","host":"ip-client","date":"1575040801"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='16', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575040810"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='16', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575040820"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='16', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575040830"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='16', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575040841"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575040851"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575040861"}

{"tags":".classifier.unknown,.source.u_net","msg":"[system] Activating via systemd: service name='net.reactivated.Fprint' unit='fprintd.service'","host":"ip-client","date":"1575041013"}
{"tags":".classifier.unknown,.source.u_net","msg":"Starting Fingerprint Authentication Daemon...","host":"ip-client","date":"1575041013"}
{"tags":".classifier.unknown,.source.u_net","msg":"[system] Successfully activated service 'net.reactivated.Fprint'","host":"ip-client","date":"1575041013"}
{"tags":".classifier.unknown,.source.u_net","msg":"Started Fingerprint Authentication Daemon.","host":"ip-client","date":"1575041013"}
{"tags":".classifier.unknown,.source.u_net","msg":"Launching FprintObject","host":"ip-client","date":"1575041013"}
{"tags":".classifier.unknown,.source.u_net","msg":"D-Bus service launched with name: net.reactivated.Fprint","host":"ip-client","date":"1575041013"}
{"tags":".classifier.unknown,.source.u_net","msg":"entering main loop","host":"ip-client","date":"1575041013"}
{"tags":".classifier.unknown,.source.u_net","msg":"(to root) developer on pts/0","host":"ip-client","date":"1575041017"}
{"tags":".classifier.system,.classifier.unknown,.source.u_net,login","msg":"pam_unix(su-l:session): session opened for user root by developer(uid=1234)","host":"ip-client","date":"1575041017"}
{"tags":".classifier.unknown,.source.u_net","msg":"[system] Activating service name='org.freedesktop.problems' (using servicehelper)","host":"ip-client","date":"1575041017"}
{"tags":".classifier.unknown,.source.u_net","msg":"[system] Successfully activated service 'org.freedesktop.problems'","host":"ip-client","date":"1575041017"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='16', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041021"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='16', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041031"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='16', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041041"}
{"tags":".classifier.unknown,.source.u_net","msg":"No devices in use, exit","host":"ip-client","date":"1575041044"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='16', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041051"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='16', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041061"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='16', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041071"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041081"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041091"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041101"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041111"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041121"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041131"}

{"tags":".classifier.unknown,.source.u_net","msg":"device if010 entered promiscuous mode","host":"ip-client","date":"1575041242"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041251"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041261"}
{"tags":".classifier.unknown,.source.u_net","msg":"device if010 left promiscuous mode","host":"ip-client","date":"1575041262"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041271"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041281"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041291"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041301"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041311"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041321"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='15', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041331"}

{"tags":".classifier.unknown,.source.u_net","msg":"Log statistics; processed='destination(d_spol)=0', processed='src.internal(s_sys#2)=61', stamp='src.internal(s_sys#2)=1575041381', processed='center(received)=61', processed='destination(d_mesg)=78', processed='destination(d_mail)=0', processed='destination(d_auth)=2', processed='destination(d_mlal)=0', processed='center(queued)=167', processed='src.none()=0', stamp='src.none()=0', processed='destination(d_cron)=1', processed='global(payload_reallocs)=2', processed='global(sdata_updates)=0', dropped='dst.syslog(remote#0,tcp,ip-server:601)=0', processed='dst.syslog(remote#0,tcp,ip-server:601)=81', stored='dst.syslog(remote#0,tcp,ip-server:601)=81', processed='destination(d_boot)=0', processed='destination(d_kern)=5', processed='global(msg_clones)=0', processed='source(s_sys)=61', processed='destination(remote)=81'","host":"ip-client","date":"1575041390"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='8', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041391"}
{"tags":".classifier.unknown,.source.u_net","msg":"Syslog connection failed; fd='8', server='AF_INET(ip-server)', error='Connection refused (111)', time_reopen='10'","host":"ip-client","date":"1575041401"}

我应该分类的唯一信息是这一条，其他信息需要删除：

{"tags":".classifier.system,.classifier.unknown,.source.u_net,login","msg":"pam_unix(su-l:session): session opened for user root by developer(uid=1234)","host":"ip-client","date":"1575041017"}

这怎么可能？也许有太多的程序发送他们的日志，我的服务器跟不上？如果是这种情况，我该怎么办？

众所周知的系统日志端口是UDP 514，但众所周知的TCP 514端口是用于shell的。查看IANA，并在页面上的框中搜索

。我切换到端口601，但错误仍然存在。我编辑了我的问题，如上图所示。我真的不知道是哪个错误导致系统日志连接中断。众所周知的系统日志端口是UDP 514，但众所周知的TCP 514端口是用于shell的。查看IANA，并在页面上的框中搜索

。我切换到端口601，但错误仍然存在。我编辑了我的问题，如上图所示。我真的不知道是哪个错误导致系统日志连接中断。