Hello everyone I seem to have problem with `syslog` table no

Question

Hello everyone I seem to have problem with `syslog` table not being populated I followed steps in issue 1964 and i can see `logger` output in `cat` My version is 3 3 2 from apt get Here is the snippet

zwass · Answer

Have you tried the debugging steps here <https github com facebook osquery issues 1964>

Loqpa · Answer

Yep i did There are no errors in verbose mode output `rsyslogd` is able to write to the pipe i saw logger output in another shell with cat What would you recommend to try next

zwass · Answer

Is anything else listening to the pipe `cat` in another shell Another osquery process

ycpr · Answer

I ve got the same issue No other processes apart of `osqueyi` and `rsyslogd` are listening to the pipe but `select from syslog events` returns nothing If I cat the pipe its output is not empty though

Loqpa · Answer

< zwass> so if i get things right issue 4810 is where the problem was discovered Do you think we can fix this issue by applying commit 5232 to the current state

zwass · Answer

It seems some folks are having success by patching the code I would give 5232 a shot