Date: Thu, 22 May 2003 18:09:29 GMT From: Mark <admin@asarian-host.net> To: "Andy Farkas" <andyf@speednet.com.au> Cc: freebsd-questions@freebsd.org Subject: Re: Syslog from external machine Message-ID: <200305221809.H4MI9SGZ028102@asarian-host.net> References: <20030522082218.A93323-100000@hewey.af.speednet.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message ----- From: "Andy Farkas" <andyf@speednet.com.au> To: "Mark" <admin@asarian-host.net> Cc: <freebsd-questions@freebsd.org> Sent: Thursday, May 22, 2003 12:41 AM Subject: Re: Syslog from external machine > On Wed, 21 May 2003, Mark wrote: > > > Using FreeBSD 4.7R, I was experimenting a bit with my router's > > syslog facility (on port 514). I set up syslogd like this: > > > > /usr/sbin/syslogd -a 192.168.1.1:514 > > > > Assuming this would allow incoming UDP on port 514 for the > > 192.168.1.1 router address. Alas, nothing is logged in > > /var/log/messages. > > Go into /etc/syslog.conf and uncomment the `*.* /var/log/all.log > line. touch /var/log/all.log and restart syslogd. > > Now you can monitor all messages sent to syslogd. Indeed, this now works. :) But I get a LOT of messages in /var/log/all.log! Is there not a way I can log 'the rest'? See, now I have something like: ... mail.info /var/log/maillog lpr.info /var/log/lpd-errs cron.* /var/log/cron *.err root *.notice;news.err root *.alert root *.emerg * *.* /var/log/router.log But what I would really want is: "Everything which is not covered by any of the above, log to /var/log/router.log". Something like: "!*.*". Well, you know what I mean. If that is not possible, is there a way I can determine to what syslog facility the router is logging? (like "mail.crit" or something). Much obliged, - Mark
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200305221809.H4MI9SGZ028102>