penlog and penlogd

From: <>
Date: Mon, 18 Apr 2005 17:26:50 -0500

I am having trouble getting pen, penlog and penlogd to generate combined access
logs. Right now the access_log file is 0 bytes and does not appear to be
updated by penlogd. I have two servers, one runs pen, penlog, penlogd and httpd
( and The other runs penlog and httpd only

If I run penlogd with the -df option, I get the following messages:

2005-04-18 17:23:30: Logging to /var/log/pen/access_log
2005-04-18 17:23:30: Writing pid 19563 to /var/run/
2005-04-18 17:23:30: Enter main loop
2005-04-18 17:23:32: bogus web line common
2005-04-18 17:23:34: bogus web line common
2005-04-18 17:24:08: bogus web line common

I'm assuming this has to do with: "The optional third argument is used if
the server has several addresses. Penlogd uses the source address to
identify the server, and it must be identical to the address configured in the
command line to Pen."

However, in each of the web servers, I have:
CustomLog "|/usr/local/bin/penlog 10000" common
CustomLog "|/usr/local/bin/penlog 10000" common

My command to run pen is:
pen -p /var/run/ -w /pen_stats2.html -b 120 -T 3600 -n -x 507 -c 4096 -l

Can you point me in the right direction to troubleshoot this? I was sure to open
a hole in iptables from, udp port 10000 but since it's udp and not
tcp, I'm not sure how to test this (can't use telnet.) It seems that penlogd is
ignoring the log lines being sent from penlog however, I am passing penlog the
correct server IP according to penlog(1).
Received on Tue Apr 19 2005 - 00:28:53 CEST

This archive was generated by hypermail 2.2.0 : Tue Apr 19 2005 - 00:28:54 CEST