# syslog-ng nowadays has a crippled default config?

## msst

I am not sure since when that is and whether to consider it an annoyance or a feature, but I just noticed that since beginning of July the logging facility of syslog-ng seemed to just not log certain events any more and basically all log files that were still used was log/messages.

Specifically I noticed that my log/mail.log and log/demon.log files did not get any more entries despite exim and other daemons running and working well - just without producing any logs.

As this happened on two gentoo machines, one run as a mini-server, it is probably linked to some syslog-ng update. I saw that the update had apparently installed a very minimalistic syslog-ng.conf, which basically only logs to messages file and just disregards all else.

I fixed this issue by copying the sample config from 

http://www.gentoo.org/doc/de/security/security-handbook.xml?part=1&chap=3

over it, which is much more reasonable and seems to do what I expected.

As said, I am not sure if that is supposed to be so, but the currently shipping sample config in the syslog-ng package is close to useless for servers so people running a server should probably also look into replacing it as described and/or be careful not to allow any syslog-ng update to "update" the config file.

----------

## anyNiXwilldo

Check /usr/share/doc/syslog-ng-3.4.2 and copy your preferred conf file to /etc/syslog-ng/syslog-ng.conf

More info here

----------

