安装脚本如下

@version: 3.8#Default configuration file for syslog-ng.#For a description of syslog-ng configuration file directives, please readthe syslog-ng Administrator's guide at:#http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/bk01-toc.html

Modify with QuWenQingPOWER BY PSIONIC---SECTION-[aurora] BEGINDATE: 2017-04-06.16:21Modify with QuWenQing@module syslogformat@module afsocket@module affile@module afprog@module afsmtp@module afuser@module system-source@module basicfuncs@module cryptofuncs@module dbparser@define autoload-compiled-modules 1options {        log_msg_size(16384);        flush_lines(1);        log_fifo_size(1000000);        time_reopen(10);        use_dns(no);        dns_cache(yes);        use_fqdn(yes);        keep_hostname(yes);        chain_hostnames(no);        check_hostname(yes);        create_dirs(yes);        dir_perm(0755);        perm(0644);        stats_freq(1800);        threaded(yes);};include "include/*.cnf";source s_local {        # standard Linux log source (this is the default place for the syslog()        # function to send logs to)        unix-stream("/dev/log" max-connections(10240) log_iw_size(1024000));#messages from the kernel        file("/proc/kmsg" program_override("kernel"));};filter f_messages { level(info..emerg) and not facility(mail,authpriv,cron,local3,local4,local5,local6) and not program("snmpd"); };filter f_secure { facility(authpriv); };filter f_mail { facility(mail); };filter f_cron { facility(cron); };filter f_emerg { level(emerg); };filter f_spooler { level(crit..emerg) and facility(uucp, news); };filter f_local7 { facility(local7); };filter f_snmpd { program("snmpd"); };destination d_messages { file("/var/log/messages"); };destination d_secure { file("/var/log/secure"); };destination d_maillog { file("/var/log/maillog"); };destination d_cron { file("/var/log/cron"); };destination d_console { usertty("root"); };destination d_spooler { file("/var/log/spooler"); };destination d_bootlog { file("/var/log/dmesg"); };destination d_snmpd { file("/var/log/snmpd/snmpd.$YEAR$MONTH" create_dirs(yes)); };log { source(s_local); filter(f_secure); destination(d_secure); flags(final);};log { source(s_local); filter(f_mail); destination(d_maillog); flags(final);};log { source(s_local); filter(f_cron); destination(d_cron); flags(final);};log { source(s_local); filter(f_snmpd); destination(d_snmpd); flags(final);};log { source(s_local); filter(f_emerg); destination(d_console); };log { source(s_local); filter(f_spooler); destination(d_spooler); };log { source(s_local); filter(f_local7); destination(d_bootlog); };log { source(s_local); filter(f_messages); destination(d_messages); };#POWER BY PSIONIC---SECTION-[aurora] END#POWER BY PSIONIC---SECTION-[gsys-lognode] BEGIN#project logsinclude "include/*.pre";destination d_remote_back_all {file("/data/projlogs/$PROGRAM/$YEAR$MONTH/$DAY/$HOUR.$HOST" perm(0644) dir_perm(0755) create_dirs(yes) template("${MONTH_ABBREV} $DAY ${HOUR}:${MIN}:${SEC} ${HOST} ${PROGRAM}[${PID}]: ${MSG}\n") template-escape(no));};filter f_remote_log_all {facility(local6) and match("/" value("PROGRAM"));};log {source(s_local);filter(f_remote_log_all);destination(d_remote_back_all);flags(final);};#nginx logstemplate nginx_format { template("$PROGRAM $MSG\n"); template_escape(no); };parser nginx { db_parser(file("/usr/local/syslog-ng/etc/patterndb.d/nginx.xml")); };source s_nginx_access {        pipe("/usr/local/nginx/logs/access_log");};destination d_nginx_access {file("/usr/local/nginx/logs/${N.vhost}/$YEAR$MONTH/$DAY/access_$HOUR.log" perm(0644) dir_perm(0755) create_dirs(yes) template(nginx_format));};log {source(s_nginx_access);parser(nginx);destination(d_nginx_access);flags(final);};source s_nginx_error {        pipe("/usr/local/nginx/logs/error_log");};destination p_nginx_error {file("/usr/local/nginx/logs/${N.vhost}/$YEAR$MONTH/$DAY/error_$HOUR.log" perm(0644) dir_perm(0755) create_dirs(yes) template(nginx_format));};destination d_nginx_error {file("/usr/local/nginx/logs/$YEAR$MONTH/$DAY/error_$HOUR.log" perm(0644) dir_perm(0755) create_dirs(yes) template(nginx_format));};log {source(s_nginx_error);parser(nginx);destination(p_nginx_error);destination(d_nginx_error);flags(final);};#php-fpm logstemplate php-fpm_format { template("$PROGRAM $MSG\n"); template_escape(no); };source s_php-fpm {        pipe("/data/phplogs/phpfpm_slow.log");};destination d_php-fpm {file("/data/phplogs/$YEAR$MONTH/$DAY/phpfpm_slow.$HOUR.log" perm(0644) dir_perm(0755) create_dirs(yes) template(php-fpm_format));};log {source(s_php-fpm);destination(d_php-fpm);flags(final);};include "include/*.conf";#POWER BY PSIONIC---SECTION-[gsys-lognode] END

启动后查看状态报错Error stating pattern database file, no automatic reload will be performed; error='No such file or directory'

这个需要在/usr/local/syslog-ng/etc/patterndb.d下放置两个文件