syslog.conf is utter crap?

To: debian-devel@lists.debian.org
Subject: syslog.conf is utter crap?
From: Kenneth Vestergaard Schmidt <charon@debian.org>
Date: Wed, 11 Apr 2001 00:49:58 +0200
Message-id: <[🔎] 01041100495800.00478@silence>

Hi...

Just experimented with fwanalog, which I am packaging right now (it's an 
iptables log-file analyzer). Doing this, I also wanted to become better at 
checking my logs, so I actually started to look at all the accumulated cruft 
I had. Can it really be true, that the default syslog.conf logs for example 
the DROP's from iptables in /three/ different places?? (syslog, messages, and 
kern.log). Also, all mail-logging is duplicated - mail.log gets it all, 
mail.info also gets it all, mail.warn gets warnings&errors, and last but not 
least mail.err gets errors (and above, of course).. Redundancy, I hear you 
say?

Right now, I'm fiddling with a better setup. Is there some "guideline" I 
should adhere to? Is there a Un*x-standard (or POSIX?) about log-files. Or do 
I have free hands when choosing log-files, etc. Also, would my work in 
reducing this redundancy-garbage be of any use to others, and which packages 
would I break (read: who depends on specific files in /var/log)

Regards,
Kenneth Vestergaard Schmidt

Reply to:

Follow-Ups:
- Re: syslog.conf is utter crap?
  - From: Aaron Lehmann <aaronl@vitelus.com>

Prev by Date: INDEPENDENT SHORT AND LONG DESCRIPTIONS, DAMNIT
Next by Date: Re: Doing ITPs
Previous by thread: Re: INDEPENDENT SHORT AND LONG DESCRIPTIONS, DAMNIT
Next by thread: Re: syslog.conf is utter crap?
Index(es):
- Date
- Thread