Syslog server not logging remote machines to file?

Kaya Saman kayasaman at gmail.com
Sat Nov 19 23:09:05 UTC 2011


>> cvthname(192.168.1.1)
>> validate: dgram from IP 192.168.1.1, port 59189, name router.domain;
>> accepted in rule 0.
>> logmsg: pri 275, flags 0, from cisco857w, msg 10048: 010035: Nov 19
>> 10:33:48.037: %SYS-5-CONFIG_I: Configured from console by admin on vty0
>> (192.168.1.120)
> If we take the 'priority' of that message at face value,
>    it is a facility value of 34
>    and a logging priority of  3
>
> On the machines I have access to, facility values stop at _24_.
>
> The message may be being discarded because of a 'nonsense' priority.

I changed the 'facility' value within the IOS itself to kernel:

(config)#logging facility kern

- and now the generated message shows this:

accepted in rule 0.
logmsg: pri 15, flags 0, from cisco857w, msg 10146: 010133: Nov 19 
23:05:54.538: %SYS-5-CONFIG_I: Configured from console by admin on vty0 
(192.168.0.53


still not logging to file though :-( ??

>
>> The file is mentioned in syslogd config and seems to be loaded within
>> the configuration:
>>
>> {
>>
>> cfline("*.*                        /var/log/cisco857w.log", f, "*",
>> "+192.168.1.1")
>>
>> 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 X FILE:
>> /var/log/cisco857w.log
> _THAT_ looks like only _24_ known 'facility' values.
>
>> # ls -l /var/log | grep cisco857
>> -rw-------  1 root   wheel             0 Nov 18 16:32 cisco857w.log
> And, I presume that when you are invoking syslogd in 'debug' mode, you
> are running as superuser.

Yep, that is correct! Am using: su -

>> So after all this looks {**perfect**} what can this mysterious problem be??
>>
> I'm _guessing_ that the apparent 'facility' value of 34 is a good candidate.
>
>
>
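
The priority arithmetic discussed in this thread (facility = pri / 8, level = pri mod 8), as an added example that is not part of the original message: it decodes the `logmsg: pri` value from the two debug lines and compares the resulting level with the severity digit in the Cisco `%SYS-5-CONFIG_I` tag. Reading the printed number as octal as well as decimal is an assumption of this example, not something stated in the thread; `decode_pri` and `analyse` are hypothetical helper names.

```python
import re

# Names for facility codes 0..23, the 24 values the thread mentions.
# Codes 12-15 are named differently across systems, so they stay numeric.
FACILITIES = (["kern", "user", "mail", "daemon", "auth", "syslog", "lpr",
               "news", "uucp", "cron", "authpriv", "ftp"]
              + [f"code{n}" for n in range(12, 16)]
              + [f"local{n}" for n in range(8)])
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

PRI_RE = re.compile(r"logmsg: pri (\d+),")
CISCO_RE = re.compile(r"%[A-Z0-9_]+-([0-7])-[A-Z0-9_]+")


def decode_pri(pri):
    """Split a PRI value: facility = pri >> 3, severity = pri & 7."""
    facility, severity = pri >> 3, pri & 7
    name = FACILITIES[facility] if facility < len(FACILITIES) else None
    return facility, name, SEVERITIES[severity]


def analyse(line):
    """Decode the printed pri as decimal and as octal (assumed alternative) and
    compare each severity with the digit in the Cisco %FACILITY-SEVERITY-MNEMONIC tag."""
    printed = PRI_RE.search(line).group(1)
    tag = CISCO_RE.search(line)
    expected = SEVERITIES[int(tag.group(1))] if tag else None
    out = {}
    for label, base in (("decimal", 10), ("octal", 8)):
        try:
            pri = int(printed, base)
        except ValueError:  # digits 8 or 9 cannot be an octal number
            continue
        facility, name, severity = decode_pri(pri)
        out[label] = {"pri": pri, "facility": facility, "name": name,
                      "severity": severity, "agrees": severity == expected}
    return out


# Debug lines copied from the thread, rejoined onto one line and cut after the tag.
SAMPLES = [
    "logmsg: pri 275, flags 0, from cisco857w, msg 10048: 010035: Nov 19 "
    "10:33:48.037: %SYS-5-CONFIG_I:",
    "logmsg: pri 15, flags 0, from cisco857w, msg 10146: 010133: Nov 19 "
    "23:05:54.538: %SYS-5-CONFIG_I:",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(analyse(sample))
```

A reading whose `name` is `None` falls outside the 24 known facilities; a reading whose `agrees` is `True` gives the same level as the message's own severity digit.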



More information about the freebsd-questions mailing list