Summary - configuring syslog.conf

From: Mark_Conroy@em.fcnbd.com
Date: Fri Oct 24 1997 - 10:45:45 CDT


     To all of the people who responded to my questions, many thanks..
     (There were just too many responses to thank everyone individually).
     
     Overall, the suggestions were similar.
     
     Don't use spaces, use tabs when configuring syslog.conf.
     After making changes, kill -HUP pid for syslog.conf.
     
     The message below is from Kai O'Yang, who was one of many who forwarded
     their syslog.conf files to share.
     
     I am now receiving auth.notice messages from a remote system to my
     loghost (on both the console and authlog file).
     
     The only real problem I have that I haven't been able to resolve with
     this is that the name of the remote host is not showing up. Instead,
     I am receiving "???" in its place, and garbage on the device name:
     
     Oct 23 14:44:32 ??? su:'su root' succeeded for mconroy on /dev/pts/3^m
     
     I am sure it is configured correctly in DNS. So I am at a loss.
     
     Any thoughts?
     
     Thanks again for everyone's help.
     
     Mark Conroy
     
     
     First add a loghost alias in /etc/hosts or nis table for the syslog
     host. Here's my syslog.conf for all client machines.
     
     #ident "@(#)syslog.conf 1.3 93/12/09 SMI" /* SunOS 5.0 */
     #
     # Copyright (c) 1991-1993, by Sun Microsystems, Inc.
     #
     # syslog configuration file.
     #
     # This file is processed by m4 so be careful to quote (`') names
     # that match m4 reserved words. Also, within ifdef's, arguments
     # containing commas must be quoted.
     #
     # Note: Have to exclude user from most lines so that user.alert
     #       and user.emerg are not included, because old sendmails
     #       will generate them for debugging information. If you
     #       have no 4.2BSD based systems doing network logging, you
     #       can remove all the special cases for "user" logging.
     #
     *.err;kern.notice;auth.notice;user.none	/dev/console
     *.err;kern.debug;daemon.notice;mail.crit;user.none	@loghost
     
     *.alert;kern.err;daemon.err;user.none	operator,@loghost
     *.alert;user.none	root,@loghost
     
     *.emerg;user.none	@loghost
     auth.info	@loghost
     mail.info	@loghost
     daemon.info	@loghost
     
     For the loghost:
     #ident "@(#)syslog.conf 1.3 93/12/09 SMI" /* SunOS 5.0 */
     #
     # Copyright (c) 1991-1993, by Sun Microsystems, Inc.
     #
     # syslog configuration file.
     #
     # This file is processed by m4 so be careful to quote (`') names
     # that match m4 reserved words. Also, within ifdef's, arguments
     # containing commas must be quoted.
     #
     # Note: Have to exclude user from most lines so that user.alert
     #       and user.emerg are not included, because old sendmails
     #       will generate them for debugging information. If you
     #       have no 4.2BSD based systems doing network logging, you
     #       can remove all the special cases for "user" logging.
     #
     *.err;kern.notice;auth.notice;user.none	/dev/console
     *.err;kern.debug;daemon.notice;mail.crit;user.none	/var/adm/messages
     
     *.alert;kern.err;daemon.err;user.none	operator
     *.alert;user.none	root
     
     *.emerg;user.none	*
     auth.info	/var/log/authlog
     mail.info	/var/log/mlog
     #
     # Adding log to daemon information
     #
     daemon.info	/var/log/syslog
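
The "tabs, not spaces" advice above can be checked before syslogd is signalled. The following is an added example, not part of the original post or of anyone's forwarded configuration: the function name check_syslog_conf is hypothetical, and it only inspects plain selector/action lines (m4 ifdef blocks spanning several lines are not handled).

```shell
#!/bin/sh
# Added example: lint a syslog.conf for lines whose selector and action
# are not separated by tabs, so an auth.* or *.emerg rule is not lost
# without anyone noticing.
# Prints "LINE:REASON:TEXT" for each problem; returns 1 if any were found.
check_syslog_conf() {
    awk '
        /^[ \t]*#/ { next }                  # comment line
        /^[ \t]*$/ { next }                  # blank line
        !/[ \t]/ {                           # selector with no action field
            printf "%d:no-action:%s\n", NR, $0; bad = 1; next
        }
        !/^[^ \t]+\t+[^ \t]/ {               # separator is not tabs only
            printf "%d:not-tab-separated:%s\n", NR, $0; bad = 1; next
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample input: line 2 uses a space, line 3 has no action.
sample=$(mktemp)
printf 'auth.info\t/var/log/authlog\nmail.info /var/log/mlog\ndaemon.info\n' > "$sample"
check_syslog_conf "$sample" || echo "fix the lines above before sending the HUP"
rm -f "$sample"
```
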
     


