Date: Mon, 24 Jun 2013 09:28:52 -0700 From: Michael Sierchio <kudzu@tenebras.com> To: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: auth.notice on syslog server Message-ID: <CAHu1Y70o4znN5kJ6q7tRcoQCpoVpCHv2=9gJxEVQu3Dyq0YarA@mail.gmail.com> In-Reply-To: <A3876859FBFA134BBEB7A9ADE583EC1D1F9472EED5@SPR-EXC01.onprvp.fgov.be> References: <A3876859FBFA134BBEB7A9ADE583EC1D1F9472EED5@SPR-EXC01.onprvp.fgov.be>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jun 24, 2013 at 5:35 AM, SWENNEN Rudi <Rudi.SWENNEN@onprvp.fgov.be> wrote: > Hello FreeBSD-list, > > I have the following two freebsd systems/servers: a server and a client. The syslog of the client is send to the server. > I was wondering why the auth.notice entry on my server is generating a syslog entry (/dev/console) when I change to root on the client: > Jun 24 12:01:38 SERVER kernel: Jun 24 12:00:32 CLIENT su: rudi to root on /dev/ttyv0 > > Is there a way to "limit" the auth-facility not to log via syslog if the entry in generated from a remote system? Yes, on the host that sends the logs. E.g., auth.*,authpriv.*: /var/log/auth console.*,cron.*,daemon.*,kern.*,mail.*,ntp.*,security.*,syslog.*,user.*,local.*: @loghost
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHu1Y70o4znN5kJ6q7tRcoQCpoVpCHv2=9gJxEVQu3Dyq0YarA>