On 7/24/23 1:42 PM, Tom Longfellow wrote:
I am sure that all of Unix Gurus will laugh at my ignorance, but I still
cannot break through this wall.
A /good/ Unix Guru worth their disk space will NOT laugh at you / your
perceived ignorance. A BOFH will laugh at most things, even legitimate
questions.
The syntax of syslogd.conf is a complete
mystery of arcane directives that I have been unable to juggle..
There are both simpler and more complex files. But, syntax alone
doesn't make a file simple or complex.
Aside: There are multiple different SYSLOG implementations in the world
and I don't have access to a mainframe to check the manual pages for USS
/ OMVS.
I currently have a set up that send all messages from TASKA to LOGA... All
messages from TASKB to LOGB.
Okay.
There is also a 'catchall' that sends all the messages to a common log file.
ACK
What I would 'like' to do is replace the 'catchall' with a selection screen
that exclude TASKA and TASKB messages but still collects the rest of the
syslog traffic.
I don't know what to think about the "selection screen" comment.
But I'm answering as an aspiring hope to be Unix Guru some day.
syslog.conf usually has an option to negate something, frequently with a
leading exclamation mark. Often the negation means not this priority
level or higher levels.
E.g. to write all mail logs below the info priority to /var/log/mail
you'd use something like the following:
mail.*;mail.!info /var/log/mail
To write all mail logs except mail.info exactly, you'd use something
like the following:
mail.*;mail.!=info /var/log/mail
With negation in mind, you need to build a pattern that matches
everything /except/ the things that you want to not receive.
I don't know how your "TASKA" refers to a service; mail, kern(el), cron,
etc, or a level.
If you are referring to a service, you should be able to construct a
rule that matches all services except mail by listing all the other
services on the line.
I have long considered the service and priority to be akin to columns
(services) and rows (priority) in a table. You can easily write rules
that match a (set of) given column(s) / services or a (set of) given
row(s) (priorities). Writing things to do an intersection of more than
one row and column becomes interesting.
The tedious method is to write a separate rule that matches each and
every intersecting pair of column(s) (services) and row(s) (priorities).
There should be no problem having multiple matches writing to the same
log file.
I hope that helps provide some insight from an aspiring Unix Guru's
perspective.
Grant. . . .
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
