Date: Thu, 22 Jan 2004 23:36:01 -0700 From: Greg Lewis <glewis@eyesbeyond.com> To: Karyn Williams <karyn@calarts.edu> Cc: freebsd-security@freebsd.org Subject: Re: log messages to a specific file Message-ID: <20040123063601.GA54262@misty.eyesbeyond.com> In-Reply-To: <3.0.1.32.20040122140044.024783ac@muse.calarts.edu> References: <3.0.1.32.20040122140044.024783ac@muse.calarts.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jan 22, 2004 at 02:00:44PM -0800, Karyn Williams wrote: > I am trying to configure syslog.conf to send messages from one of my hosts > to a select file for that host. The host is currently sending messages to > the syslog server and they are being logged but I would like to have all > the messages from this host go to a separate file. FreeBSD 4.9-RELEASE > > # $FreeBSD: src/etc/syslog.conf,v 1.13.2.4 2003/05/12 13:59:23 yar Exp $ > # > # Spaces ARE valid field separators in this file. However, > # other *nix-like systems still insist on using tabs as field > # separators. If you are sharing this file between systems, you > # may want to use only tabs as field separators here. > # Consult the syslog.conf(5) manpage. > *.err;kern.debug;auth.notice;mail.crit /dev/console > *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err > /var/log/messages > +caioa.calarts.edu*.* /var/log/caioa.log > <------- this is the line I need help with Looking at the syslog.conf man page, I would guess you need to put two lines like this at the end of your file: +caioa.calarts.edu *.* /var/log/caioa.log If those two lines aren't at the end then you need to reset the hostname specification with a +* line immediately following those two lines. Note this is all just looking at the man page, I haven't tried it :). > security.* /var/log/security > auth.info;authpriv.info /var/log/auth.log > mail.info /var/log/maillog > lpr.info /var/log/lpd-errs > cron.* /var/log/cron > *.emerg * > # uncomment this to log all writes to /dev/console to /var/log/console.log > #console.info /var/log/console.log > # uncomment this to enable logging of all log messages to /var/log/all.log > # touch /var/log/all.log and chmod it to mode 600 before it will work > *.* /var/log/all.log > # uncomment this to enable logging to a remote loghost named loghost > #*.* @loghost > > The file /var/log/caioa.log exists and is 600. I got the syntax off a web > page, but it is not working for me and I don't see anything in the man page > that expalins how to do it. Look at the paragraph which starts "A program specification is a line...". Further on in that paragraph it mentions hostname specifications. It would probably be worthwhile putting a host example in the EXAMPLES section too. -- Greg Lewis Email : glewis@eyesbeyond.com Eyes Beyond Web : http://www.eyesbeyond.com Information Technology FreeBSD : glewis@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040123063601.GA54262>