Configuring the syslog.conf file for Syslog facilities settings

Article:HOWTO59406  |  Created: 2011-10-04  |  Updated: 2011-10-04  |  Article URL http://www.symantec.com/docs/HOWTO59406
Article Type
How To


Subject


Configuring the syslog.conf file for Syslog facilities settings

If you have a scanner on UNIX and you want to enable Message audit log for syslog, you must configure /etc/syslog.conf. This file provides administrators with a single point of management to collect, distribute, and process the log data. You can configure this file for the desired facility, log level, and the log file locations. Based on the facility level, the logs are directed to the different files.

Before you configure this file for the desired facility, you must check the settings in the /etc/syslog.conf file in your computer. This file may already have the settings for the facility that you want to configure.

To configure syslog.conf file for syslog facility settings

  1. Browse to /etc/syslog.conf and open the file.

  2. Do any of the following:

    To add facility, log level, and log file location

    Type the facility name followed by a period and the log level. Then press TAB and type the file name.

    Facilityname.level TAB filename

    For example,

    mail.notice		 /var/log/maillog

    To log the messages for all the facilities for desired level

    Type an asterisk and a period (*.) before the log level. Then press TAB and type the file name.

    *.level TAB filename

    For example,

    *.debug		filename

    To log messages of all levels that the facility generates

    Type the facility name followed by a period and an asterisk (.*). Then press TAB and type the file name.

    Facilityname.* TAB filename

    For example,

    kern.* 			filename

    To stop all logs from being written to log files simultaneously

    Type the facility name followed by a period and the log level. Then press TAB and type a hyphen (-) before the log path.

    For example,

    mail.notice		  - /var/log/maillog
  3. Save the syslog.conf file.

  4. To restart the syslogd daemon to reread the configuration file, type one of the following in the command line:

    Linux and Solaris 8.x/9.x

    /etc/init.d/syslog restart

    Solaris 10

    svcadm refresh svc:/system/system-log:default

See Working with Logs.

See Modifying Log settings.


Legacy ID



v56207009_v64406064


Article URL http://www.symantec.com/docs/HOWTO59406


Terms of use for this information are found in Legal Notices