[SATLUG] syslog a particular level

David Kowis dkowis at shlrm.org
Sun Dec 12 17:22:42 CST 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/12/2010 10:41 AM, Aaron Hackney wrote:
> Hey all. Quick question that I can't find a clear answer on.
> 
> I have a syslog server that is receiving syslog messages from an
> external source (Cisco ASA firewall) which is sending warning syslog
> messages (local4.*).
> 
> This is NOT syslog-ng, but standard syslog.
> 
> My config looks like this:
> #######################
> 
> local3.* %/var/log/sshd.log
> local5.* %/var/log/smartd.log
> ftp.* %/var/log/ftp.log
> daemon.* %/var/log/daemon.log
> *.notice;kern.debug;lpr.info;mail.crit;mail.info;news.err;local0.none;local7.none
> %/var/log/system.log
> security.* %/var/log/system.log
> auth.info;authpriv.info %/var/log/system.log
> +fw.aaron.pvt
> *.*                     /var/log/cisco-syslog
> *.emerg *
> #######################
> 
> It is working fine, in that I am receiving the syslog messages in
> /var/log/cisco-syslog from my host, but I am also receiving those same
> messages in system.log.
> 
> Is there a way, with standard syslog, to prevent the local4 messages
> from being written to system.log or do I just need to move on to
> syslog-ng?

I'd reccomend rsyslog (if you're going to change.) it's very similar
syntax wise to sysklogd.

I don't have a solution off hand for your exclusion of a log level into
a file.

David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQGcBAEBAgAGBQJNBVlCAAoJEMnf+vRw63ObYRoL/32sGwDUUkEV+9n2RDSKQgSl
rsTtQNXHGGG+zUPnf2YFUb2Z6HZH2LMhVVuQmRn1gt3BG9QrFiKrDm8ag7c15den
I/xy1qU9Lz78OkmGBDBJPeyWcHvlFTD+YGibdQryj6boxIulbBUgcmljA0ptyMn/
sjdgn47/Hkm1MTxTsn1/MAI5VHHfuF0eXfgPwerbc7Op1iAUV+6Iw10ev92G+2+i
1eyidBRVvjHqr7Nizp5NAHhYiydTkYFifJWPXy3QD2aePWpzhBFSEoSAhgFmV9yN
S50sGAHi9NOWRD0aU+iBbahGS1ssPqxnF5eWNOonL+frQb4VtRFZ+nlWPzfPePTi
FZuF/BFEZBUozUyuVtSkS0fh7dO1kbotPsfQKTtp6PVkc0Pvzo7UZdLtOrYZSxNF
uSVmbRZnT1C/3RRuw4jGb02OGJQifGURwI4McX+P44WTV5Pxl5ZNy5Jc4A55YWg5
NgTW+8qVsmjL43eq2hHZGBNi4NTn4bgX2B+L9jWx9Q==
=1B7d
-----END PGP SIGNATURE-----


More information about the SATLUG mailing list