On Fri, Jan 31, 2003 at 10:15:25AM -0800, Michael K. Smith wrote: > Hello All: > > I am trying to set up a few facilities to receive syslog info from > various network devices. In all cases, not only do the arriving > packets get logged to the logfile configured, but they also get logged > to /var/log/messages. I would like messages to be used only for > system-related issues. I have included the relevant snippets from my > syslog.conf file. Could someone please help me figure out what I'm > doing wrong? > > Thanks, > > Mike > > *.err;kern.debug;auth.notice;mail.crit /dev/console > *.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages > security.* /var/log/security > auth.info;authpriv.info /var/log/auth.log > mail.info /var/log/maillog > lpr.info /var/log/lpd-errs > cron.* /var/log/cron > local5.* /var/log/switches.log > local6.* /var/log/pix.log > local7.* /var/log/routers.log > > ------------------------------------------------------------------------ > -- > Michael K. Smith NoaNet > 206.219.7116 (work) 206.579.8360 (cell) > [EMAIL PROTECTED] http://www.noanet.net
Two things. 1) Did you remember to restart the syslogd when you changed syslog.conf? Try a `killall -HUP syslogd`. 2) What level are the local(n) facilities logging at? Right now your setup will log anything with a NOTICE level to messages. Nathan -- GPG Public Key ID: 0x4250A04C gpg --keyserver pgp.mit.edu --recv-keys 4250A04C http://63.105.21.156/gpg_nkinkade_4250A04C.asc
msg17379/pgp00000.pgp
Description: PGP signature
