From owner-freebsd-questions@FreeBSD.ORG Mon Aug 25 16:50:20 2008 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C8294106567A for ; Mon, 25 Aug 2008 16:50:20 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from sola.nimnet.asn.au (paqi.nimnet.asn.au [220.233.188.227]) by mx1.freebsd.org (Postfix) with ESMTP id 20C768FC2C for ; Mon, 25 Aug 2008 16:50:19 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from localhost (localhost [127.0.0.1]) by sola.nimnet.asn.au (8.14.2/8.14.2) with ESMTP id m7PGoGB2023338 for ; Tue, 26 Aug 2008 02:50:17 +1000 (EST) (envelope-from smithi@nimnet.asn.au) Date: Tue, 26 Aug 2008 02:50:16 +1000 (EST) From: Ian Smith To: questions@freebsd.org Message-ID: <20080826022335.T14827@sola.nimnet.asn.au> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Cc: Subject: diverting (some) log_in_vain messages X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Aug 2008 16:50:20 -0000 Hi, I'll try reducing and rephrasing my question/s .. Which syslog facility.level is used for {tcp,udp}.log_in_vain messages? *.notice;authpriv.none;kern.debug;mail.crit;news.err;ntp.err;local0.none;ftp.none /var/log/messages [..] I'd like to parse out just the log_in_vain messages, dumping what in my circumstances is log-spamming trivia to another file, while allowing the unexpected, more interesting stuff to get to /var/log/messages as usual - or to another file if it's a problem appending /var/log/messages from syslog output piped to (say) a sh script, as well as directly as above. Any hints or howtos welcome, even RT(which?)FS, though I'm short of code reading time, what with all the dragons .. cheers, Ian