Re: syslog

kapra · ‎12-06-2005

Dear all,

I am trying to fine tune my syslog.conf file as below

security.info /var/adm/syslog/security.log
auth.info /var/adm/syslog/auth.log
kern.info /var/adm/syslog/kernelinfo.log
kern.debug /var/adm/syslog/kerneldebug.log
*.info /var/adm/syslog/allinfo.log

I am running into few problems when i try to use this configuration file. After restarting the syslogd daemon, i tried to test the functionality using logger command and found the results to be surprising.

(1) Messages from Security and Auth facilities at all levels are getting logged inside both file namely security.log & auth.log and ofcourse inside allinfo.log
(i used logger -p security.info "message" likewise for auth.info, security.notice, auth.notice....... etc), i was expecting security messages ONLY to go inside security.log and same for auth message !!

(2) if i do logger -p kern.info "kernel message", this is getting logged only inside allinfo.log and NOT inside kernelinfo.log

(All these files do exist on their locations and have write permissions for all, also there are TABS (no spaces) inside syslog.conf file).

Please help me on this.

Thanks.

Steven E. Protter · ‎12-06-2005

Shalom,

security.info /var/adm/syslog/security.log
auth.info /var/adm/syslog/auth.log

They should probalby be the same log. authentication is the most important part of security.

Can you upload your configuration file for us to look at.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Yasin Amadmia · ‎12-06-2005

Thanks for your reply...

I am attaching syslog.conf file for info..

kapra · ‎12-06-2005

I thought so Auth being a subset of security and hence wanted to filter out exact messages from each facility.

I am not quiet clear if both logs same messages then y do we have 2 seperate facilities???

kapra · ‎12-06-2005

syslog.conf attached

Bill Hassell · ‎12-06-2005

The lines in syslog are processed in order and assigning a particular facility and priority to a single file has no effect on other lines. In other words, you need two lines (like the mail.log entry in the default HP-UX script), one to disable logging of specific facilities (ie, mail.none,daemon.none) and the other to log to a specific file.

Bill Hassell, sysadmin

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: syslog

syslog

Re: syslog

Re: syslog

Re: syslog

Re: syslog

Re: syslog