Syslog from external machine
Mark
admin at asarian-host.net
Thu May 22 11:09:33 PDT 2003
----- Original Message -----
From: "Andy Farkas" <andyf at speednet.com.au>
To: "Mark" <admin at asarian-host.net>
Cc: <freebsd-questions at freebsd.org>
Sent: Thursday, May 22, 2003 12:41 AM
Subject: Re: Syslog from external machine
> On Wed, 21 May 2003, Mark wrote:
>
> > Using FreeBSD 4.7R, I was experimenting a bit with my router's
> > syslog facility (on port 514). I set up syslogd like this:
> >
> > /usr/sbin/syslogd -a 192.168.1.1:514
> >
> > Assuming this would allow incoming UDP on port 514 for the
> > 192.168.1.1 router address. Alas, nothing is logged in
> > /var/log/messages.
>
> Go into /etc/syslog.conf and uncomment the `*.* /var/log/all.log
> line. touch /var/log/all.log and restart syslogd.
>
> Now you can monitor all messages sent to syslogd.
Indeed, this now works. :) But I get a LOT of messages in /var/log/all.log!
Is there not a way I can log 'the rest'? See, now I have something like:
...
mail.info /var/log/maillog
lpr.info /var/log/lpd-errs
cron.* /var/log/cron
*.err root
*.notice;news.err root
*.alert root
*.emerg *
*.* /var/log/router.log
But what I would really want is: "Everything which is not covered by any of
the above, log to /var/log/router.log". Something like: "!*.*". Well, you
know what I mean.
If that is not possible, is there a way I can determine to what syslog
facility the router is logging? (like "mail.crit" or something).
Much obliged,
- Mark
More information about the freebsd-questions
mailing list