Markus, The "facility" in syslog is akin to a channel or file number. A syslog client always sends every log message to syslog, along with the facility and priority.
Syslog checks its config line by line to see if it finds a matching
facility and logs messages of the indicated or higher priority.
Normally, you'd have an entry like
*.notice;mail.none;authpriv.none /var/log/messages
and the messages you get (daemon.notice) match that, that's why you see
them in /var/log/messages.
So, first set the syslog facility in mon.cf to an unused localx, let's
say local2.
Then, depending on your needs, you can either suppress mon's messages at
all:
*.notice;mail.none;authpriv.none;local2.none
/var/log/messages
or you limit them to info and higher:
*.notice;mail.none;authpriv.none;local2.info
/var/log/messages
or you send mon's output elsewhere (e.g. again only info & higher):
*.notice;mail.none;authpriv.none;local2.none
/var/log/messages
local2.info
/var/log/mon
(In the latter case, remember to include the new log file in the log
rotation scheme you use!)
Regards,
--Peter Holzleitner
Group Leader, Operations
Information Technology and Knowledge Management (IPC/ITKM)
United Nations Industrial Development Organization (UNIDO)
Vienna, Austria http://www.unido.org
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, January 15, 2002 1:47 PM
> To: [EMAIL PROTECTED]
> Subject: Please help -> syslog_facility
>
>
> I am a newbie and don�t unterstand the syslog_facility option:
>
> I have a SUSE 7.3 Linux
> I found a file /etc/syslog.conf
> I read the man syslog and man syslog.conf
>
> I know there is the facitlity:
> auth,
> auth-priv,cron,daemon,kern,lpr,mail,mark,news,security,syslog,user
> uusp, local0 through local7
>
> I know there is the priority:
> debug,info,notice,warning,warn,error,crit,alert,panic
>
> I know there is the mon.conf:
>
> syslog_facility = daemon (default)
>
> Or there is the parameter -0 facility
> /usr/local/mon/mon -O facility
>
> I look at the perl code and find Hardcoded following commands:
>
> syslog('info', "client command \"$l\"") ....
>
> info = priority ?!
>
> My cgi-script with the mon-client command makes many queries (html
> refresh=5);
>
> On the remote server, there are many mon entries in the
> /var/log/messages
> ...
>
> e.g.
> Jan 15 13:29:35 pc426 mon[20686]: client connection from
> 172.20.12.216:34029
> Jan 15 13:29:35 pc426 mon[20686]: client command "protid 9745"
> Jan 15 13:29:35 pc426 mon[20686]: client command "list failures"
> Jan 15 13:29:35 pc426 mon[20686]: client connection from
> 172.20.12.216:34030
> Jan 15 13:29:36 pc426 mon[20686]: client command "protid 9745"
> Jan 15 13:29:36 pc426 mon[20686]: client command "list disabled"
> Jan 15 13:29:36 pc426 mon[20686]: client connection from
> 172.20.12.216:34031
> Jan 15 13:29:37 pc426 mon[20686]: client command "protid 9745"
> Jan 15 13:29:37 pc426 mon[20686]: client command "list disabled"
> Jan 15 13:29:37 pc426 mon[20686]: client connection from
> 172.20.12.216:34032
> Jan 15 13:29:38 pc426 mon[20686]: client command "protid 9745"
> Jan 15 13:29:38 pc426 mon[20686]: client command "list disabled"
> Jan 15 13:34:38 pc426 mon[20686]: client connection from
> 172.20.12.216:34061
> Jan 15 13:34:38 pc426 mon[20686]: client command "protid 9745"
> Jan 15 13:34:38 pc426 mon[20686]: client command "list failures"
> Jan 15 13:34:38 pc426 mon[20686]: client connection from
> 172.20.12.216:34062
> Jan 15 13:34:39 pc426 mon[20686]: client command "protid 9745"
> Jan 15 13:34:39 pc426 mon[20686]: client command "list disabled"
> Jan 15 13:34:39 pc426 mon[20686]: client connection from
> 172.20.12.216:34063
> Jan 15 13:34:40 pc426 mon[20686]: client command "protid 9745"
> Jan 15 13:34:40 pc426 mon[20686]: client command "list disabled"
> Jan 15 13:34:40 pc426 mon[20686]: client connection from
> 172.20.12.216:34064
> Jan 15 13:34:41 pc426 mon[20686]: client command "protid 9745"
> Jan 15 13:34:41 pc426 mon[20686]: client command "list disabled"
>
> How can I disable this many info mon messages in the
> /var/log/messages file
> Can I use the syslog_facility for my problem ?
>
> Please help
>
> Thanks
> Markus
>
>
>
>
>
>
>
>
>
>
>
>
>
> Markus Lehmann
> Netzwerkmanagment
> PALMERS TEXTIL AG
> A-2351 Wiener Neudorf
> Palmersstrasse 6-8
> Tel.: +43 (2236) 63 500 244
> Fax.: +43 (2236) 63 533 244
> @mail: [EMAIL PROTECTED]
>
>
Peter HOLZLEITNER (E-mail).vcf
Description: Binary data
