Re: syslog.conf is utter crap?
On Wed, Apr 11, 2001 at 12:49:58AM +0200, Kenneth Vestergaard Schmidt wrote:
> Just experimented with fwanalog, which I am packaging right now (it's an
> iptables log-file analyzer). Doing this, I also wanted to become better at
> checking my logs, so I actually started to look at all the accumulated cruft
> I had. Can it really be true, that the default syslog.conf logs for example
> the DROP's from iptables in /three/ different places?? (syslog, messages, and
> kern.log). Also, all mail-logging is duplicated - mail.log gets it all,
> mail.info also gets it all, mail.warn gets warnings&errors, and last but not
> least mail.err gets errors (and above, of course).. Redundancy, I hear you
I agree. I finally realized that my logs were so huge because debian's
default syslog.conf puts duplicate messages in so many places.
Here's my syslog.conf...
# First some standard logfiles. Log by facility.
# Some `catch-all' logfiles.
# Emergencies are sent to everybody logged in.