Re: more on syslogd & remote logging
On Wed, Aug 02, 2000 at 10:45:59PM -0700, nate@firetrail.com wrote
> ok, i got syslogd working it is recieving log entries from my router, now
> im curious how i would redirect those to a dedicated file? i tried various
> things in /etc/syslog.conf and the log file is empty still. I'd like to
> redirect everything from 10.10.10.1 to /var/log/dsl.log
>
> sample log entries:
>
> Aug 2 15:26:25 10.10.10.1 000:23:31:30 ATM Info Wan0 Up, 640
> Kbps Down, 544 Kbps Up, 340 Baud^M
> Aug 2 15:26:25 10.10.10.1 000:23:31:30 ATM Info Wan0 Up*,
> +11.3 dB TX Power, +18.7 dB Rem TX Power, 42 dB RX Gain, No Change
> Margin^M
> Aug 2 15:26:25 10.10.10.1 000:23:31:30 PPP Info PPP Up Event
> on wan0-0^M
> Aug 2 15:26:25 10.10.10.1 000:23:31:30 ATM Info Wan0 Up*, 23
> dB Line Quality^M
> Aug 2 15:26:40 10.10.10.1 000:23:31:45 SERIAL Info Serial
> Connection Timeout^M
> Aug 2 15:28:05 10.10.10.1 000:23:33:10 PPP Info PPP Down
> Event on wan0-0^M
>
> any ideas ??
>
Use /etc/syslog.conf to control where logging goes.
This allows you to specify things by facility and priority.
Your router should allow you specify the syslog facility used
for messages, probably with a config statement like
logging facility local3
if it's a Cisco (it's on the documentation CD which you should have).
Edit /etc/syslog.conf to add a line like this:
local3.* -/var/log/dsl.log
If you want quick console access to the messages and aren't
too fussed about other peopel seeing them, you can also
use a line like
local3.* /dev/tty12
to direct them to an unused vt as well.
You may also want to add local3.none to some of the other lines, if
they use a wildcard for the facility and you don't want those lines
to catch messages from your router.
Then run
# /etc/init.d/sysklogd reload
and tell your router to use syslog facility local3 (or whatever you
chose).
John P.
--
huiac@camtech.net.au
john@huiac.apana.org.au
http://www.mdt.net.au/~john Debian Linux admin & support:technical services
Reply to: