> You grepped out some useful information; most likely you added it to > the end so the previous blocks match first. This might make it clearer: >
look's like this: # cat /etc/syslog.conf # $OpenBSD: syslog.conf,v 1.17 2005/05/25 07:35:38 david Exp $ # !!spamd daemon.info /var/log/spamd # *.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none /var/log/messages kern.debug;syslog,user.info /var/log/messages auth.info /var/log/authlog authpriv.debug /var/log/secure cron.info /var/cron/log daemon.info /var/log/daemon ftp.info /var/log/xferlog lpr.debug /var/log/lpd-errs mail.info /var/log/maillog #uucp.info /var/log/uucp # Uncomment this line to send "important" messages to the system # console: be aware that this could create lots of output. #*.err;auth.notice;authpriv.none;kern.debug;mail.crit /dev/console # Uncomment this to have all messages of notice level and higher # as well as all authentication messages sent to root. #*.notice;auth.debug root # Everyone gets emergency messages. *.emerg * # Uncomment to log to a central host named "loghost". You need to run # syslogd with the -u option on the remote host if you are using this. # (This is also required to log info from things like routers and # ISDN-equipment). If you run -u, you are vulnerable to syslog bombing, # and should consider blocking external syslog packets. #*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none @loghost #auth,daemon,syslog,user.info;authpriv,kern.debug @loghost # Uncomment to log messages from sudo(8) and chat(8) to their own # respective log files. Matches are done based on the program name. # Program-specific logs: #!sudo #*.* /var/log/sudo #!chat #*.* /var/log/chat !ppp *.* /var/log/ppp # maybe problem in this: # ls -la /var/log/ | grep spamd -rw-r--r-- 1 root wheel 0 Sep 21 21:24 spamd
