syslog.conf - log records to a script
smithi at nimnet.asn.au
Wed Apr 5 15:13:05 UTC 2017
In freebsd-questions Digest, Vol 670, Issue 3, Message: 7
On Tue, 04 Apr 2017 15:22:15 -0400 Ernie Luzar <luzar722 at gmail.com> wrote:
> In syslog.conf I have these 2 lines.
> local0.* /var/log/security
> local0.* | exec /usr/local/bin/ipf.table
The example in syslog.conf(5) uses no space between '|' and 'exec'. I'm
not sure whether that matters, but it's easy to test.
> The security log file is being populated and working fine.
> Now I want to pipe the same log records to a script for processing.
> I'm using a very simple script to verify that the test script is being
> handed all the log records. My test ipf.table script looks like this,
> #! /bin/sh
It's traditional (at least) to have no space between '#!' and '/bin/sh'.
I'm not entirely sure that matters either, but it's also an easy test.
> read line
> echo "$line" >> /var/log/ipf.table.log
> When I issue "service syslogd restart" I get no errors.
> The ipf.table.log gets populated with the first log record and them
> nothing happens after that even though I can see more entries being
> logged to /var/log/security.
> What am I doing wrong here?
I'm not sure :)
Is /usr/local/bin/ipf.table owned by root and set executable?
Any error reports in /var/log/messages or /var/log/console.log?
More information about the freebsd-questions