From owner-freebsd-security@FreeBSD.ORG Thu Jan 22 14:02:06 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8D9D516A4CE for ; Thu, 22 Jan 2004 14:02:06 -0800 (PST) Received: from muse.calarts.edu (muse.calarts.edu [198.182.157.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1146943D3F for ; Thu, 22 Jan 2004 14:02:04 -0800 (PST) (envelope-from karyn@calarts.edu) Received: from klw (dhcp4176.calarts.edu [65.165.174.254]) by muse.calarts.edu (8.11.7p1+Sun/8.10.2) with SMTP id i0MM2OS19051 for ; Thu, 22 Jan 2004 14:02:24 -0800 (PST) Message-Id: <3.0.1.32.20040122140044.024783ac@muse.calarts.edu> X-Sender: karyn@muse.calarts.edu X-Mailer: Windows Eudora Pro Version 3.0.1 (32) Date: Thu, 22 Jan 2004 14:00:44 -0800 To: freebsd-security@freebsd.org From: Karyn Williams Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: log messages to a specific file X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jan 2004 22:02:06 -0000 I am trying to configure syslog.conf to send messages from one of my hosts to a select file for that host. The host is currently sending messages to the syslog server and they are being logged but I would like to have all the messages from this host go to a separate file. FreeBSD 4.9-RELEASE # $FreeBSD: src/etc/syslog.conf,v 1.13.2.4 2003/05/12 13:59:23 yar Exp $ # # Spaces ARE valid field separators in this file. However, # other *nix-like systems still insist on using tabs as field # separators. If you are sharing this file between systems, you # may want to use only tabs as field separators here. # Consult the syslog.conf(5) manpage. *.err;kern.debug;auth.notice;mail.crit /dev/console *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages +caioa.calarts.edu*.* /var/log/caioa.log <------- this is the line I need help with security.* /var/log/security auth.info;authpriv.info /var/log/auth.log mail.info /var/log/maillog lpr.info /var/log/lpd-errs cron.* /var/log/cron *.emerg * # uncomment this to log all writes to /dev/console to /var/log/console.log #console.info /var/log/console.log # uncomment this to enable logging of all log messages to /var/log/all.log # touch /var/log/all.log and chmod it to mode 600 before it will work *.* /var/log/all.log # uncomment this to enable logging to a remote loghost named loghost #*.* @loghost The file /var/log/caioa.log exists and is 600. I got the syntax off a web page, but it is not working for me and I don't see anything in the man page that expalins how to do it. Any help would really be appreciated. Thanks. -- Karyn Williams, CNE Network Services Manager California Institute of the Arts karyn@calarts.edu http://www.calarts.edu/network