Discussion on Syslog Configuration

Post by n.. » Mon, 05 Feb 1996 04:00:00

I recently reworked the syslog configuration for a client.  They have
about 12 SunOS and Solarises.  I was trying to think of a sensible way
to organize syslog so you could see the important stuff reasonably quickly
and quickly preview the less important stuff.

Here's what I decided to do, after no better idea emerged:

I organized /var/log into two directories, byfacility and bylevel.
Then on the Loghost (most everything goes to the log host) I have it
broken down so that information and debugging messages go to
/var/log/bylevel/info.log, warning and notice messages go to
/var/log/bylevel/warning.log, and then the critical and emergency
messages go to /var/log/bylevel/danger.log.

Then I break them down by facility so that anything of a *.notice
goes to its facility file in /var/log/byfacility, for instance,
there's a /var/log/byfacility/lpr.log, one for daemon, another for
mail and so on.

I rather like the way it turned out.  So then I wrote a tool to
report on and compress the various logs and so on.  However, what
I really think would be neat would be a tool to display logs,
filtered in various ways, in HTML.  Has anyone done that?
How have other people dealt with syslog configurations?

Nancy Milligan          Milligan Consulting Services    

                        Internet Connectivity, Firewalls, Usenet, WWW
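
The routing scheme described in the post above, sketched as an added example (not the poster's tool or configuration). It assumes messages arrive at the loghost with the standard `<PRI>` prefix, where PRI = facility * 8 + severity; the placement of `err` and `alert` in danger.log and the names used for facility codes 12-15 are assumptions, since the post does not mention them.

```python
import re

# Names in numeric order (RFC 3164 / <syslog.h>); codes 12-15 vary by platform.
FACILITIES = ("kern user mail daemon auth syslog lpr news uucp cron authpriv ftp "
              "ntp logaudit logalert clock "
              "local0 local1 local2 local3 local4 local5 local6 local7").split()
SEVERITIES = "emerg alert crit err warning notice info debug".split()

# bylevel files as described in the post. The post does not say where "err"
# and "alert" go; sending them to danger.log is an assumption made here.
BYLEVEL = {"debug": "info.log", "info": "info.log",
           "notice": "warning.log", "warning": "warning.log",
           "err": "danger.log", "crit": "danger.log",
           "alert": "danger.log", "emerg": "danger.log"}

PRI_RE = re.compile(r"<(\d{1,3})>(.*)", re.S)
DEFAULT_PRI = 13  # user.notice, the RFC 3164 fallback for a missing or bad PRI


def route(raw):
    """Return (facility, severity, text, [destination files]) for one message."""
    m = PRI_RE.match(raw)
    pri, text = (int(m.group(1)), m.group(2)) if m else (DEFAULT_PRI, raw)
    if pri > 191:                      # 23 * 8 + 7 is the highest valid PRI
        pri, text = DEFAULT_PRI, raw
    facility, severity = FACILITIES[pri >> 3], SEVERITIES[pri & 7]
    files = ["/var/log/bylevel/" + BYLEVEL[severity]]
    # "*.notice" selects notice and anything more severe (lower number).
    if (pri & 7) <= SEVERITIES.index("notice"):
        files.append("/var/log/byfacility/%s.log" % facility)
    return facility, severity, text, files


# Constructed sample messages as a loghost would receive them.
SAMPLES = [
    "<46>Feb  5 04:00:00 hosta syslogd: restart",
    "<20>Feb  5 04:00:01 hosta sendmail[211]: queue run slow",
    "<26>Feb  5 04:00:02 hostb inetd[98]: out of memory",
    "<53>Feb  5 04:00:03 hostb lpd[140]: printer offline",
    "Feb  5 04:00:04 hostc no priority field here",
]

if __name__ == "__main__":
    for line in SAMPLES:
        fac, sev, text, files = route(line)
        print("%s.%s -> %s" % (fac, sev, ", ".join(files)))
```

A message with no priority field, or one outside 0-191, is filed as user.notice with its text left intact, so malformed input still lands in a log rather than being dropped.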


1. Tuning syslog/Syslog reporting/Syslog enhancement/replacements


        I have been investigating using syslog's logging facilities. I have
currently set up our network to log to a central logging host. In my
preliminary attempts, I have set up syslog to dump everything to a single file,
which gets messy. I've sorted out the files now, and I have noticed that
certain applications such as telnetd and ftpd write to the LOG_MAIL facility.
Is there a way to alter the logging facility that they report to, or will I have to have
modified binaries to handle this? I'm mostly concerned with our AIX machines
but we also have HPUX, SunOS/Solaris, and OSF. I could very well have it dump
information and sort out the data based on rules I develop using
sed/awk/perl/grep (whatever), but it would be nicer if it were done by
syslog/programs writing to syslog.

        Also, is anyone familiar with any other logging utilities? I would be grateful
for some help/advice or some pointers to where to find this information.

Thanks for your help.


