Syslog from external machine

Mark admin at
Thu May 22 11:09:33 PDT 2003

----- Original Message ----- 
From: "Andy Farkas" <andyf at>
To: "Mark" <admin at>
Cc: <freebsd-questions at>
Sent: Thursday, May 22, 2003 12:41 AM
Subject: Re: Syslog from external machine

> On Wed, 21 May 2003, Mark wrote:
> > Using FreeBSD 4.7R, I was experimenting a bit with my router's
> > syslog facility (on port 514). I set up syslogd like this:
> >
> > /usr/sbin/syslogd -a
> >
> > Assuming this would allow incoming UDP on port 514 for the
> > router address. Alas, nothing is logged in
> > /var/log/messages.
> Go into /etc/syslog.conf and uncomment the `*.* /var/log/all.log
> line. touch /var/log/all.log and restart syslogd.
> Now you can monitor all messages sent to syslogd.

Indeed, this now works. :) But I get a LOT of messages in /var/log/all.log!
Is there not a way I can log 'the rest'? See, now I have something like:

...   /var/log/maillog   /var/log/lpd-errs
cron.*    /var/log/cron
*.err    root
*.notice;news.err  root
*.alert    root
*.emerg    *
*.*    /var/log/router.log

But what I would really want is: "Everything which is not covered by any of
the above, log to /var/log/router.log". Something like: "!*.*". Well, you
know what I mean.

If that is not possible, is there a way I can determine to what syslog
facility the router is logging? (like "mail.crit" or something).

Much obliged,

- Mark

More information about the freebsd-questions mailing list