
Re: Log File Redirection

 
roobala
Frequent Advisor

Log File Redirection

Hi,

In our DNS Server running HPUX 11.00,
all DNS logs are getting appended to
/var/adm/syslog/syslog.log file.

We would like to redirect these DNS logs to
a separate file for easy administration.

Can anyone tell me the procedure to achieve this?

Thanks in Advance,

Roobala

9 REPLIES 9
eran maor
Honored Contributor

Re: Log File Redirection

Hi

Should you wish to disable the syslog entries, perform the following:

1. install DNS patch or replacement.
[PHNE_20618/PACHRDME/English] : s700_800 10.X BIND 4.9.7 components
2. run named command with -X option.
# named -X
* To set option in boot file,
# vi /etc/rc.config.d/namesvrs
love computers
Paula J Frazer-Campbell
Honored Contributor

Re: Log File Redirection

Hi

Why not extract these entries from the syslog.log file?

e.g.

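# Extract DNS info
grep dns /var/adm/syslog/syslog.log >> /tmp/DNS.log

# Clean the syslog.log (filter into a temporary file first, then copy back;
# appending the filtered output to the file being read would never remove anything)
grep -v dns /var/adm/syslog/syslog.log > /tmp/syslog.tmp
cat /tmp/syslog.tmp > /var/adm/syslog/syslog.log

Ensure that the grep "dns" extracts the info you require.

This can either be cronned or menu driven.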

HTH

Paula

cat /var/adm/syslog
If you can spell SysAdmin then you is one - anon
Paula J Frazer-Campbell
Honored Contributor

Re: Log File Redirection

Hi

Please ignore the "cat /var/adm/syslog ".

I do not know where it came from

;-)

Paula
If you can spell SysAdmin then you is one - anon
Vincenzo Restuccia
Honored Contributor

Re: Log File Redirection

Edit /etc/syslog.conf.
roobala
Frequent Advisor

Re: Log File Redirection

Hi All

I wanted to have a separate log file for DNS logs, and let all the remaining logs stay in syslog.log itself.

I want the same to get appended automatically by the system.

If it can be done by editing /etc/syslog.conf, how?
Can anyone tell me how to configure syslog for this requirement?

Thanks in Advance
Roobala
eran maor
Honored Contributor

Re: Log File Redirection

Hi

If you want, you can disable all the debugging options of the DNS with the command /usr/sbin/sig_named

Here is the link to see the doc:
http://www.docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/B2355-90147/B2355-90147_top.html&con=/hpux/onlinedocs/B2355-90147/00/00/34-con.html&toc=/hpux/onlinedocs/B2355-90147/00/00/34-toc.html&searchterms=sig_named&queryid=20010613-033137

It will also be a big help if you give us details about the messages that you are getting in the syslog, but I think that sig_named will help with (the ip is level 2)
love computers
Shannon Petry
Honored Contributor

Re: Log File Redirection

You want to do this with /etc/syslog.conf
Best bet is to read the man pages thoroughly.
I use a separate log, which you can define in /etc/syslog.conf on mail servers for mail logs, dns entries for DNS servers, etc...

Remember that you will have to edit the startup script /sbin/init.d/syslog to rotate any new logs.

I cannot believe that people so quickly want to delete everything! Don't listen to the lazy people who don't want to know about their systems! Especially with all of the BIND vulnerabilities, it is good to know who is using your servers, and for what. If you blind yourself by removing the info, you're more prone to be susceptible to an attack/hack/DoS, etc...

Regards,
Shannon
Microsoft. When do you want a virus today?
Vincent Stedema
Esteemed Contributor

Re: Log File Redirection

Hi,

Which version of BIND do you use? With BIND 8/9 you can use the "logging", "channel" and "category" directives to configure logging channels.
For the "category default" you can then use your own file channel instead of the syslog channel that BIND normally uses.

HTH,

Vincent
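
The logging setup described in the reply above, written out as a named.conf fragment. This is an added example, not part of the original post; the channel name and the log file path are assumptions, and the security category is also kept in syslog so that denied requests stay visible alongside the other system logs.

```conf
// Added example: BIND 8/9 logging section for named.conf.
// "dns_file" and the path /var/adm/syslog/named.log are assumed names;
// the user that named runs as must be able to write to that file.
logging {
    // File channel that replaces syslog as the destination for DNS messages.
    channel dns_file {
        file "/var/adm/syslog/named.log" versions 5 size 10m;  // keep 5 rotated copies of up to 10 MB
        severity info;          // log info and above, no debug output
        print-time yes;         // syslog no longer adds the timestamp, so named must
        print-category yes;     // show which category produced each line
        print-severity yes;
    };

    // Everything without a more specific category goes to the file only,
    // which takes the DNS traffic out of /var/adm/syslog/syslog.log.
    category default { dns_file; };

    // Rejected queries, transfers and updates: write to the file and also
    // to the predefined syslog channel, so they are not lost from syslog.
    category security { dns_file; default_syslog; };

    // Lame delegation reports are noisy; keep them in the file only.
    category lame-servers { dns_file; };
};
```

named has to re-read its configuration before the new channel takes effect. The "versions" and "size" options let named roll the file itself, so the new log does not grow without bound.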
Herve BRANGIER
Respected Contributor

Re: Log File Redirection


Not just a response but another question.

QUESTION :
I know it's possible to separate some types of
logs: kern, mail, daemon,... But it's defined
by /usr/include/syslog.h and there is nothing
about named (dns)! DNS is a part of the daemon
class, so how to separate dns from other daemons?

CONTRIB :
To extract information from syslog you can
see that lines about named already contain
"named" so you can use :

grep named /var/adm/syslog/syslog.log

to do that.

Bye,

Herve