syslog has memory buffer that rotates. (:name:size) pflogd can log, tcpump | logger is you want something else
problem solved. On Thu, Jan 28, 2016 at 10:03 AM, Alan McKay <alan.mc...@gmail.com> wrote: > Hi folks, > > Something I've done on other platforms e.g on a firewall is have > tcpdump running and logging to disk. You know ahead of time how much > disk space to allocate to this task, and there are command line > options on tcpdump that you can adjust to accomplish this. So it will > always occupy that known amount of space, and you know that you have > the last X hours of traffic logged. Basically use the option to > change to a new log file as soon as it hits size X, combined with the > option to limit the number of log files to Y. > > Has anyone done something like this with OpenBSD? I don't see > anything obvious and was wondering what others might have done to > accomplish this. Perhaps some kind of wrapper script ... > > thanks, > -Alan > > -- > "You should sit in nature for 20 minutes a day. > Unless you are busy, then you should sit for an hour" > - Zen Proverb > > -- --------------------------------------------------------------------------------------------------------------------- () ascii ribbon campaign - against html e-mail /\
