Date: Fri, 23 May 2003 07:48:42 +1000 (EST) From: Andy Farkas <andyf@speednet.com.au> To: Mark <admin@asarian-host.net> Cc: freebsd-questions@freebsd.org Subject: Re: Syslog from external machine Message-ID: <20030523074214.T13191-100000@hewey.af.speednet.com.au> In-Reply-To: <200305221809.H4MI9SGZ028102@asarian-host.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 22 May 2003, Mark wrote:
> > Go into /etc/syslog.conf and uncomment the `*.* /var/log/all.log
> > line. touch /var/log/all.log and restart syslogd.
> >
> > Now you can monitor all messages sent to syslogd.
>
> Indeed, this now works. :) But I get a LOT of messages in /var/log/all.log!
> Is there not a way I can log 'the rest'? See, now I have something like:
>
> ...
> mail.info /var/log/maillog
> lpr.info /var/log/lpd-errs
> cron.* /var/log/cron
> *.err root
> *.notice;news.err root
> *.alert root
> *.emerg *
> *.* /var/log/router.log
>
> But what I would really want is: "Everything which is not covered by any of
> the above, log to /var/log/router.log". Something like: "!*.*". Well, you
> know what I mean.
Try this command: man syslogd
> If that is not possible, is there a way I can determine to what syslog
> facility the router is logging? (like "mail.crit" or something).
I always run syslogd with -vv flag....
ps. sorry about being terse - but thats what man pages are for...if you
need more help after reading the man page, ask then...
--
:{ andyf@speednet.com.au
Andy Farkas
System Administrator
Speednet Communications
http://www.speednet.com.au/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030523074214.T13191-100000>