Am 16.02.2011 13:55, schrieb Robert Schetterer: > Am 16.02.2011 09:10, schrieb Reindl Harald: >> This game should be played with the system-logger >> >> /etc/rsyslog.conf: >> :msg, contains, "client=localhost[127.0.0.1]" ~ >> :msg, contains, "client=unknown[127.0.0.1]" ~ >> >> Am 16.02.2011 09:07, schrieb Robert Schetterer: >>> Hi, >>> is there an easy "switch" to getout >>> of logging "Connection reset by peer" from special ips/net i.e from >>> loadbalancers or montitoring checks? >>> for sure only a cosmetic question >>> >>> ----snip >>> 1 write [.....]:40057: Connection reset by peer >> > > hi , thx i know what you want to get me in > > but this does not work as such simple ( tested in lucid ), i see i > should study rsyslog
order is afaik important here my full config with stripped mysql-passwords which is another (optional) thing i have running this config since fedora 11 and now running fedora 13 while testing on F14 also successfull ___________________ #### MODULES #### $ModLoad imuxsock.so # provides support for local system logging $ModLoad imklog.so # provides kernel logging support $ModLoad ommysql # provides mysql-output #### GLOBAL DIRECTIVES #### # Use default timestamp format $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat #### RULES #### # Ignored messages :msg, contains, "FILTER barracudafeed" ~ :msg, contains, "disconnect from barracuda.thelounge.net[10.0.0.20]" ~ :msg, contains, "Did not receive identification string from 10.0.0.30" ~ :msg, contains, "connect from thx1138.thelounge.net[10.0.0.30]" ~ :msg, contains, "lost connection after CONNECT from thx1138.thelounge.net[10.0.0.30]" ~ :msg, contains, "connect from barracuda.thelounge.net[10.0.0.20]" ~ :msg, contains, "RCPT from barracuda.thelounge.net" ~ :msg, contains, "uid=0 from=<root>" ~ :msg, contains, "client=localhost[127.0.0.1]" ~ :msg, contains, "client=unknown[127.0.0.1]" ~ # Log anything (except mail) of level info or higher # Don't log private authentication messages! *.info;mail.none;authpriv.none;cron.none /var/log/messages # The authpriv file has restricted access. authpriv.* /var/log/secure # Log all the mail messages in one place. mail.* -/var/log/maillog # Log cron stuff cron.* /var/log/cron # Everybody gets emergency messages *.emerg * # Save news errors of crit in special file. uucp,news.crit /var/log/spooler # Save boot messages also to boot.log local7.* /var/log/boot.log ### DATABASE-LOGGING ### $WorkDirectory /var/spool/rsyslog # default location for work (spool) files $ActionQueueType LinkedList # use asynchronous processing $ActionQueueFileName dbq # set file name, also enables disk mode $ActionResumeRetryCount -1 # infinite retries on insert failure *.info;mail.none;authpriv.none;cron.none :ommysql:logserver1,rsyslog,rsyslog,***** mail.* :ommysql:logserver2,syslog,rsyslog,*****
signature.asc
Description: OpenPGP digital signature
