Markus, The "facility" in syslog is akin to a channel or file number. A syslog client always sends every log message to syslog, along with the facility and priority.
Syslog checks its config line by line to see if it finds a matching facility and logs messages of the indicated or higher priority. Normally, you'd have an entry like *.notice;mail.none;authpriv.none /var/log/messages and the messages you get (daemon.notice) match that, that's why you see them in /var/log/messages. So, first set the syslog facility in mon.cf to an unused localx, let's say local2. Then, depending on your needs, you can either suppress mon's messages at all: *.notice;mail.none;authpriv.none;local2.none /var/log/messages or you limit them to info and higher: *.notice;mail.none;authpriv.none;local2.info /var/log/messages or you send mon's output elsewhere (e.g. again only info & higher): *.notice;mail.none;authpriv.none;local2.none /var/log/messages local2.info /var/log/mon (In the latter case, remember to include the new log file in the log rotation scheme you use!) Regards, --Peter Holzleitner Group Leader, Operations Information Technology and Knowledge Management (IPC/ITKM) United Nations Industrial Development Organization (UNIDO) Vienna, Austria http://www.unido.org > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, January 15, 2002 1:47 PM > To: [EMAIL PROTECTED] > Subject: Please help -> syslog_facility > > > I am a newbie and donīt unterstand the syslog_facility option: > > I have a SUSE 7.3 Linux > I found a file /etc/syslog.conf > I read the man syslog and man syslog.conf > > I know there is the facitlity: > auth, > auth-priv,cron,daemon,kern,lpr,mail,mark,news,security,syslog,user > uusp, local0 through local7 > > I know there is the priority: > debug,info,notice,warning,warn,error,crit,alert,panic > > I know there is the mon.conf: > > syslog_facility = daemon (default) > > Or there is the parameter -0 facility > /usr/local/mon/mon -O facility > > I look at the perl code and find Hardcoded following commands: > > syslog('info', "client command \"$l\"") .... > > info = priority ?! > > My cgi-script with the mon-client command makes many queries (html > refresh=5); > > On the remote server, there are many mon entries in the > /var/log/messages > ... > > e.g. > Jan 15 13:29:35 pc426 mon[20686]: client connection from > 172.20.12.216:34029 > Jan 15 13:29:35 pc426 mon[20686]: client command "protid 9745" > Jan 15 13:29:35 pc426 mon[20686]: client command "list failures" > Jan 15 13:29:35 pc426 mon[20686]: client connection from > 172.20.12.216:34030 > Jan 15 13:29:36 pc426 mon[20686]: client command "protid 9745" > Jan 15 13:29:36 pc426 mon[20686]: client command "list disabled" > Jan 15 13:29:36 pc426 mon[20686]: client connection from > 172.20.12.216:34031 > Jan 15 13:29:37 pc426 mon[20686]: client command "protid 9745" > Jan 15 13:29:37 pc426 mon[20686]: client command "list disabled" > Jan 15 13:29:37 pc426 mon[20686]: client connection from > 172.20.12.216:34032 > Jan 15 13:29:38 pc426 mon[20686]: client command "protid 9745" > Jan 15 13:29:38 pc426 mon[20686]: client command "list disabled" > Jan 15 13:34:38 pc426 mon[20686]: client connection from > 172.20.12.216:34061 > Jan 15 13:34:38 pc426 mon[20686]: client command "protid 9745" > Jan 15 13:34:38 pc426 mon[20686]: client command "list failures" > Jan 15 13:34:38 pc426 mon[20686]: client connection from > 172.20.12.216:34062 > Jan 15 13:34:39 pc426 mon[20686]: client command "protid 9745" > Jan 15 13:34:39 pc426 mon[20686]: client command "list disabled" > Jan 15 13:34:39 pc426 mon[20686]: client connection from > 172.20.12.216:34063 > Jan 15 13:34:40 pc426 mon[20686]: client command "protid 9745" > Jan 15 13:34:40 pc426 mon[20686]: client command "list disabled" > Jan 15 13:34:40 pc426 mon[20686]: client connection from > 172.20.12.216:34064 > Jan 15 13:34:41 pc426 mon[20686]: client command "protid 9745" > Jan 15 13:34:41 pc426 mon[20686]: client command "list disabled" > > How can I disable this many info mon messages in the > /var/log/messages file > Can I use the syslog_facility for my problem ? > > Please help > > Thanks > Markus > > > > > > > > > > > > > > Markus Lehmann > Netzwerkmanagment > PALMERS TEXTIL AG > A-2351 Wiener Neudorf > Palmersstrasse 6-8 > Tel.: +43 (2236) 63 500 244 > Fax.: +43 (2236) 63 533 244 > @mail: [EMAIL PROTECTED] > >
Peter HOLZLEITNER (E-mail).vcf
Description: Binary data