Re: IPFilter and IPMon logging to syslog
On Tue, Mar 1, 2011 at 8:38 PM, Dean E. Weimer dwei...@dweimer.net wrote: I have been doing some work with cleaning up my log files to make them easier to read, and for the life of me can't figure out how to get my IPFilter logs to stop going into the /var/log/messages log. I have a syslog entry for local0.* /var/log/ipfilter.log which works great, and captures all the logs I want. I have tried adding local0.none on the /var/log/messages line, but it seems to have no effect. Can anyone tell me what I am doing wrong here, the below lines are from my syslog.conf configuration file. *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err;local0.none /var/log/messages local0.* /var/log/ipfilter.log I usually do it this way: !-local0 # disable logging of local0 [log whatever] /var/log/messages !local0 # enable logging of local0 local0.* /var/log/ipfilter.log Regards, -- Nino ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPFilter and IPMon logging to syslog
On Wed, 02 Mar 2011 12:23:27 +0100, Bernt Hansson wrote: Put this in your rc.conf ipmon_flags=-D -f /var/log/ipf.log I don't doubt that would work, but I would rather stick with using syslogd to handle the logging. As I am hoping to implement remote logging to another server for log consolidation of several servers, which is why I started the process of cleaning up the local logs. --- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPFilter and IPMon logging to syslog
On Wed, 2 Mar 2011 09:34:39 +0100, n j wrote: On Tue, Mar 1, 2011 at 8:38 PM, Dean E. Weimer wrote: I have been doing some work with cleaning up my log files to make them easier to read, and for the life of me can't figure out how to get my IPFilter logs to stop going into the /var/log/messages log. I have a syslog entry for local0.* /var/log/ipfilter.log which works great, and captures all the logs I want. I have tried adding local0.none on the /var/log/messages line, but it seems to have no effect. Can anyone tell me what I am doing wrong here, the below lines are from my syslog.conf configuration file. *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err;local0.none /var/log/messages local0.* /var/log/ipfilter.log I usually do it this way: !-local0 # disable logging of local0 [log whatever] /var/log/messages !local0 # enable logging of local0 local0.* /var/log/ipfilter.log Regards, -- Nino ___ freebsd-questions@freebsd.org [2] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions [3] To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org [4] Interesting method, I will keep this in mind for the future. One thing to note, my config above seems to have started working after the messages log rotated. I had restarted the syslog process by running /etc/rc.d/syslogd restart, but for some reason these messages continued until the newsyslog process rotated the messages file. Now to get the rest of my servers local logs cleaned up and implement a new server for log consolidation. --- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
IPFilter and IPMon logging to syslog
I have been doing some work with cleaning up my log files to make them easier to read, and for the life of me can't figure out how to get my IPFilter logs to stop going into the /var/log/messages log. I have a syslog entry for local0.* /var/log/ipfilter.log which works great, and captures all the logs I want. I have tried adding local0.none on the /var/log/messages line, but it seems to have no effect. Can anyone tell me what I am doing wrong here, the below lines are from my syslog.conf configuration file. *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err;local0.none /var/log/messages local0.* /var/log/ipfilter.log -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
