auth.notice on syslog server
Michael Sierchio
kudzu at tenebras.com
Mon Jun 24 16:28:53 UTC 2013
On Mon, Jun 24, 2013 at 5:35 AM, SWENNEN Rudi
<Rudi.SWENNEN at onprvp.fgov.be> wrote:
> Hello FreeBSD-list,
>
> I have the following two freebsd systems/servers: a server and a client. The syslog of the client is send to the server.
> I was wondering why the auth.notice entry on my server is generating a syslog entry (/dev/console) when I change to root on the client:
> Jun 24 12:01:38 SERVER kernel: Jun 24 12:00:32 CLIENT su: rudi to root on /dev/ttyv0
>
> Is there a way to "limit" the auth-facility not to log via syslog if the entry in generated from a remote system?
Yes, on the host that sends the logs.
E.g.,
auth.*,authpriv.*: /var/log/auth
console.*,cron.*,daemon.*,kern.*,mail.*,ntp.*,security.*,syslog.*,user.*,local.*:
@loghost
More information about the freebsd-questions
mailing list