IPFilter and IPMon logging to syslog

Dean E. Weimer dweimer at dweimer.net
Wed Mar 2 13:45:44 UTC 2011

 On Wed, 2 Mar 2011 09:34:39 +0100, n j wrote:

> On Tue, Mar 1, 2011 at 8:38 PM, Dean E. Weimer wrote:
>> I have been doing some work with cleaning up my log files to make 
>> them
>> easier to read, and for the life of me can't figure out how to get 
>> my
>> IPFilter logs to stop going into the /var/log/messages log. I have a
>> syslog entry for local0.* /var/log/ipfilter.log which works great, 
>> and
>> captures all the logs I want. I have tried adding local0.none on the
>> /var/log/messages line, but it seems to have no effect. Can anyone 
>> tell
>> me what I am doing wrong here, the below lines are from my 
>> syslog.conf
>> configuration file.
> *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err;local0.none
>> /var/log/messages local0.* /var/log/ipfilter.log
> I usually do it this way: !-local0 # disable logging of local0 [log
> whatever] /var/log/messages !local0 # enable logging of local0 
> local0.*
> /var/log/ipfilter.log Regards, -- Nino
> _______________________________________________
> freebsd-questions at freebsd.org [2] mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions [3] To
> unsubscribe, send any mail to 
> "freebsd-questions-unsubscribe at freebsd.org
> [4]"

 Interesting method, I will keep this in mind for the future.

 One thing to note, my config above seems to have started working after 
 the messages log rotated.  I had restarted the syslog process by running 
 /etc/rc.d/syslogd restart, but for some reason these messages continued 
 until the newsyslog process rotated the messages file.

 Now to get the rest of my servers local logs cleaned up and implement a 
 new server for log consolidation.


  Dean E. Weimer

More information about the freebsd-questions mailing list