On Sat, Sep 23, 2006 at 07:01:43PM -0500, Arnie Stender wrote: > ... I have been watching this thread and sitting here biting my > fingers telling myself to stay out of it
Why? I started the thread to solicit comments. The *last* thing I want is for knowledgeable people to stay out of it. Since you mentioned your job, I'll say that I am *also* a professional UNIX sysadmin and like you I am paid to fix things with people (sometimes literally) yelling in my ear. > ... You may be a masochist and love the pain of having to glean > relevant information out of a heap of meaningless junk (which BTW is > very error prone, it's very easy to miss the one piece of > information you really NEED Well, maybe I'm a wierdo but I *don't* find it painful to pipe a logfile through a bit of perl or sed and page through the results. It's a basic skill of the job and it's far *less* error prone than searching the whole file. > I will let syslog separate my messages into as many files as are > needed to keep relevant information for each subsystem in it's own > place. Hmm, my auth.log contains messages from *four* subsystems: login, PAM, sshd and su . Can I get syslog to follow your recommendation and send the messages from these different subsystems to different files? No! Because they all log to the auth facility. If I need to track sshd activity I have to grep for 'sshd:'. And that would work just as well if all the syslog messages were in the same file. > ... The syslog is very flexible and able to log messages in any way > you want I already pointed out this isn't true. If you want filter on more than the (facility,priority) pair then standard syslog can *not* do that for you. Syslog-ng can, and the fact that someone went to the trouble of creating syslog-ng says something, no? Regards, Jeremy Henty -- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
