Syslog question
Bryan O'Neal
Bryan.ONeal at TheONealAndAssociates.com
Mon Jul 12 19:42:35 MST 2010
worked like a charm - Thanks!
On Mon, Jul 12, 2010 at 4:47 PM, Shawn Badger <badger.shawn at gmail.com> wrote:
> Put local0.none in the /var/log/messages entry to stop the router entries
> from showing up there. So after you changes it would look like this:
>
> *.info;mail.none;authpriv.none;cron.none;local0.none
> /var/log/messages
>
>
> On Mon, Jul 12, 2010 at 3:40 PM, Bryan O'Neal
> <Bryan.ONeal at theonealandassociates.com> wrote:
>>
>> Default redhat syslogd
>>
>> /etc/sysconfig/syslog
>> SYSLOGD_OPTIONS="-m 0 -r"
>> KLOGD_OPTIONS="-x"
>> SYSLOG_UMASK=077
>>
>> /etc/syslog.conf
>> # Log all kernel messages to the console.
>> # Logging much else clutters up the screen.
>> #kern.* /dev/console
>>
>> # Log anything (except mail) of level info or higher.
>> # Don't log private authentication messages!
>> *.info;mail.none;authpriv.none;cron.none /var/log/messages
>>
>> # The authpriv file has restricted access.
>> authpriv.* /var/log/secure
>>
>> # Log all the mail messages in one place.
>> mail.* -/var/log/maillog
>>
>>
>> # Log cron stuff
>> cron.* /var/log/cron
>>
>> # Everybody gets emergency messages
>> *.emerg *
>>
>> # Save news errors of level crit and higher in a special file.
>> uucp,news.crit /var/log/spooler
>>
>> # Save boot messages also to boot.log
>> local7.* /var/log/boot.log
>>
>> # Chandler.azinterlock.com
>> local0.*
>> /var/log/azinterlock.chandler.juniper.log
>>
>> On Mon, Jul 12, 2010 at 3:28 PM, Jason Holtzapple <ml at bitflip.net> wrote:
>> > On 07/12/2010 03:25 PM, Bryan O'Neal wrote:
>> >> I hope no one makes me hand in my linux geek card on this one but...
>> >> I am setting up a remote syslog server to collect information from
>> >> various routers across my network. I can prepped local0-7 to the
>> >> syslog information and thus direct it to an appropriate log. However I
>> >> have set up only one and I am having trouble. While it does go to
>> >> /var/log/my.router.log all the information is also going to
>> >> /var/log/messages
>> >>
>> >> How do I stop the duplicate messages? This server is a "comprehensive"
>> >> <haha> monitoring server so I have a number of applications writing to
>> >> var/log/messages and I don't want to have to hunt through a tun of
>> >> router traffic if I have problems.
>> >
>> > Please post your syslog.conf and flavor of syslog (rsyslog, syslog-ng,
>> > etc).
>> >
>> >
>> > ---------------------------------------------------
>> > PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>> > To subscribe, unsubscribe, or to change your mail settings:
>> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>> >
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
More information about the PLUG-discuss
mailing list