- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Reduce the logging level of Sudo
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-17-2010 03:08 AM
тАО08-17-2010 03:08 AM
Reduce the logging level of Sudo
Please does any one know how to reduce the logging level of sudo. It presently logs entries almost thrice in the syslog.log file.
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-17-2010 03:44 AM
тАО08-17-2010 03:44 AM
Re: Reduce the logging level of Sudo
UNIX95=1 ps -fC syslogd
Also check for duplicate lines in /etc/syslog.conf
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-16-2010 01:39 AM
тАО09-16-2010 01:39 AM
Re: Reduce the logging level of Sudo
esmadu07 K05000 The SYSLOG is growing at a rate greater than 60000 bytes per min
Regards.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-16-2010 01:45 AM
тАО09-16-2010 01:45 AM
Re: Reduce the logging level of Sudo
Can you provide what's in syslog.log that's growing so fast?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-16-2010 02:03 AM
тАО09-16-2010 02:03 AM
Re: Reduce the logging level of Sudo
/caf/bin ; USER=root ; COMMAND=/bin/su.original D052CGC -c sh -c "SHLIB_PATH=/op
t/CA/SharedComponents/lib:/usr/lib:/opt/CA/CAlib:/opt/CA/SharedComponents/lib:/o
pt/CA/SharedComponents/lib:/opt/CA/UnicenterDSM/caf/lib:/opt/CA/SharedComponents
/lib;export SHLIB_PATH;/opt/CA/UnicenterDSM/caf/bin/cfURI"
Sep 16 10:13:18 esmadu07 above message repeats 2 times
Sep 16 10:13:18 esmadu07 sudo: root : TTY=unknown ; PWD=/opt/CA/UnicenterDSM
/caf/bin ; USER=root ; COMMAND=/bin/su.original B049LNU -c sh -c "SHLIB_PATH=/op
t/CA/SharedComponents/lib:/usr/lib:/opt/CA/CAlib:/opt/CA/SharedComponents/lib:/o
pt/CA/SharedComponents/lib:/opt/CA/UnicenterDSM/caf/lib:/opt/CA/SharedComponents
/lib;export SHLIB_PATH;/opt/CA/UnicenterDSM/caf/bin/cfURI"
Sep 16 10:13:18 esmadu07 su: + tty?? root-D052CGC
Sep 16 10:13:18 esmadu07 above message repeats 2 times
Sep 16 10:13:18 esmadu07 su: + tty?? root-B049LNU
Sep 16 10:13:18 esmadu07 sudo: root : TTY=unknown ; PWD=/opt/CA/UnicenterDSM
/caf/bin ; USER=root ; COMMAND=/bin/su.original M967VEC -c sh -c "SHLIB_PATH=/op
t/CA/SharedComponents/lib:/usr/lib:/opt/CA/CAlib:/opt/CA/SharedComponents/lib:/o
pt/CA/SharedComponents/lib:/opt/CA/UnicenterDSM/caf/lib:/opt/CA/SharedComponents
/lib;export SHLIB_PATH;/opt/CA/UnicenterDSM/caf/bin/cfURI"
Sep 16 10:13:19 esmadu07 above message repeats 4 times
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-16-2010 03:39 AM
тАО09-16-2010 03:39 AM
Re: Reduce the logging level of Sudo
I think every application log is directed to your syslog file , please look in to you syslog.conf under /etc .what all lines in syslog.conf apart from these :
mail.debug /var/adm/syslog/mail.log
*.info;mail.none /var/adm/syslog/syslog.log
*.alert /dev/console
*.alert root
*.emerg *
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-16-2010 04:35 AM
тАО09-16-2010 04:35 AM
Re: Reduce the logging level of Sudo
Here is my syslog.conf:
# See syslogd(1M) for information about the format of this file.
#
mail.debug /var/adm/syslog/mail.log
*.info;mail.none /var/adm/syslog/syslog.log
*.alert /dev/console
*.alert root
*.emerg *
lpr,local2.debug /tmp/PdLog2
user.info /opt/CA/UnicenterDSM/logs/dsmEventLog.log
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-16-2010 05:10 AM
тАО09-16-2010 05:10 AM
Re: Reduce the logging level of Sudo
Can you put an extra entry in your sudoer file , /usr/local/etc/sudoers:
logfile
http://www.gratisoft.us/sudo/sudoers.man.html
hope this helps.
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-16-2010 05:41 AM
тАО09-16-2010 05:41 AM
Re: Reduce the logging level of Sudo
The command will not work in the sudoers file.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-16-2010 09:24 AM
тАО09-16-2010 09:24 AM
Re: Reduce the logging level of Sudo
mail.debug /var/adm/syslog/mail.log
*.info;mail.none;lpr.none;local2.none;user.none /var/adm/syslog/syslog.log
lpr,local2.debug /tmp/PdLog2
user.info /opt/CA/UnicenterDSM/logs/dsmEventLog.log
Two very important rules about syslog.conf:
1. Each line is processed with any regard to a previous line. You can log things to 10 different files if you want. But the line for syslog.log must exclude what you want to be logged somewhere else. Otherwise, you get double logging.
2. syslog.conf must NEVER have any spaces. If a space appears ANYWHERE on a line, it is silently ignored, ie, becomes a comment. All spacing is by tab characters. Use cat -vt to list syslog.conf. It will look like this:
# local5 (ftpd) logged only to /var/adm/syslog/local5.log
# kern (kernel messages) logged only to /var/adm/syslog/kern.log
# daemon (daemon messages) logged only to /var/adm/syslog/daemon.log
# auth (authentication messages) logged only to /var/adm/syslog/auth.log
# lpr (lp messages) logged only to /var/adm/syslog/lp.log
*.info;mail.none;local0.none;local5.none;auth.none;user.none;lpr.none;daemon.notice;kern.notice;^I/var/adm/syslog/syslog.log
mail.debug^I/var/adm/syslog/mail.log
local5.info^I/var/adm/syslog/ftpd.log
auth.info^I/var/adm/syslog/auth.log
daemon.info^I/var/adm/syslog/daemon.log
kern.info^I/var/adm/syslog/kern.log
lpr.info^I/var/adm/syslog/lpr.log
Bill Hassell, sysadmin