06-21-2009
Quote:
Originally Posted by
dannytrinh
My company has a strictly policies, and doesn't like the idea to install another syslog program into the system. And I try to get the log to separate off to every daemon for easy troubleshooting/debug. Is it meant I can't separate each daemon log, under Solaris 10 by using syslogd?
Thanks,
I don't think you can do (easily) this with syslogd. Of course you can simply
pipe syslog into a filter (via a named pipe), but most people would not do that, they would use syslog-ng. That is why I recommended you use syslog-ng
Actually, if you had of posted these details first, you would have saved a lot of peoples time. For example, why not begin your post (?)
My company has a strict policy and only permits syslogd, running on Solaris 10 ......
Instead, we post answers for you, then you slowly describe your infrastructure and requirements. How about describing your requirements first next time?
Thanks.
---------- Post updated at 19:19 ---------- Previous update was at 18:38 ----------
Hint:
Quote:
A named pipe (fifo), beginning with a vertical bar (‘‘|’’) followed by a pathname. The pipe must be created with mkfifo(8) before syslogd reads its configuration file. This feature is especially useful for debugging.
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Do someone know how to delete entry(some lines)
in file "wtmpx" that command "last" use it.
this file is binary so I cannot edit directy.
=========================
#last
root pts/1 noc Fri Mar 3 22:04 still logged in
root pts/1 noc Fri Mar 3 22:01 - 22:02 ... (4 Replies)
Discussion started by: arm_naja
4 Replies
2. Solaris
Hi Guru's
On one of our servers we have every few seconds following error:
Apr 28 10:15:27 svr10010 nrpe: connect from reno.customs.govt.nz
Apr 28 10:15:29 svr10010 nrpe: connect from reno.customs.govt.nz
Here are the details from this box:
SunOS svr10010 5.10 Generic_125100-10 sun4v... (3 Replies)
Discussion started by: gnom
3 Replies
3. UNIX for Advanced & Expert Users
Hi,
When typing the command ps -fe.the system is showing a process called SYSCON:confused:....
I am not sure what process is that.I hava a script that kills all command staring with 'sys' but i don't want to kill syscon:( since i think it is some system process:confused:
.Please help me to find... (1 Reply)
Discussion started by: kiranjose85
1 Replies
4. Red Hat
Friends ,
Anybody plz tell me what is the basic difference between "service" , "process" and " daemon" ?
Waiting for kind reply .. .. (1 Reply)
Discussion started by: shipon_97
1 Replies
5. Solaris
Hi
I've been using solaris for a few days now. During the install process i had some problems configuring my nic as i needed to install a third-party driver, which i got from a a linked site from the Sun Device Detector tool a ran prior to installing. I got it working eventually, but i'm... (1 Reply)
Discussion started by: jpg.2009
1 Replies
6. Shell Programming and Scripting
Hi,
Please help to seprate my /var/adm/messages output. Than i want to take this
output in the excel.
e,g
cat /var/adm/messages
Sep 4 10:16:52 ibsadm1 inetd: vnetd from 172.17.5.20 38353
Sep 4 10:16:52 ibsadm1 inetd: bpcd from 172.17.5.20 915
Sep 4 10:16:55 ibsadm1 inetd: ... (5 Replies)
Discussion started by: nirjhar17
5 Replies
7. Solaris
Hi Friends,
Please help me to resove this issue ASAP.
Nov 17 16:25:52 server1 sendmail: pAH8Pnh22099: SYSERR: putoutmsg (NO-HOST): error on output channel sending "553 5.1.3 @123.com.... User address required": File too large
Nov 17 16:25:53 server1 sendmail: pAH8Pnh22099:... (1 Reply)
Discussion started by: holds_me
1 Replies
8. Red Hat
Hi,
I am seeing the following errors in my environment, not sure why is it happening, any ideas? Thanks.
kernel: RPC: bad TCP reclen 0x73746174 (non-terminal ) Dec 17 02:14:48 kernel: RPC: bad TCP reclen 0x63480000 (large) Dec 17 02:14:48
kernel: RPC: bad TCP reclen 0x633f0000 (large) Dec... (5 Replies)
Discussion started by: amarlinux
5 Replies
9. Solaris
Below is the error being repeated on my Solaris 9 Sun-Fire-V890 machine.
SAN team confirmed as everything is fine from their end. I did google and found that some people say its a known Oracle bug when you have Oracle 10G installed on your system but I kind of disagree with them. Please see below... (2 Replies)
Discussion started by: vikkash
2 Replies
10. Solaris
Hi,
I am facing issue with one of the drive is solaris 10. it is showing offline in the messages file
scsi: WARNING: /pci@2,600000/QLGC,qlc@0/fp@0,0/ssd@w5006016746e00b1b,0 (ssd0):
drive offline
genunix: WARNING: Page83 data not standards compliant DGC LUNZ 0430
... (1 Reply)
Discussion started by: Prasanth T K
1 Replies
LEARN ABOUT OSF1
syslog.conf
syslog.conf(4) Kernel Interfaces Manual syslog.conf(4)
NAME
syslog.conf - syslogd configuration file
SYNOPSIS
facility.severity destination Where: Is part of the system generating the message, specified in /usr/include/sys/syslog_pri.h.
See also the syslogd(8) reference page. The severity level, which can be emerg, alert, crit, err, warning, notice, info, or debug. See
/usr/include/sys/syslog_pri.h.
The syslogd daemon logs all messages of the specified severity level plus all messages of greater severity. For example, if you
specify level err, all messages of levels err, crit, alert, and emerg or panic are logged. A local file pathname to a log file, a
host name for remote logging or a list of users. In the latter case the users will receive messages when they are logged in. An
asterisk (*) causes a message to be sent to all users who are currently logged in.
DESCRIPTION
The /etc/syslog.conf file is a system file that enables you to configure or filter events that are to be logged by syslogd. You can specify
more than one facility and its severity level by separating them with semicolons.
You can specify more than one facility logs to the same file by separating the facilities with commas, as shown in the EXAMPLES section.
The syslogd daemon ignores blank lines and lines that begin with an octothorpe (#). You can specify # as the first character in a line to
include comments in the file or to disable an entry. The facility and severity level are separated from the destination by one or more tab
characters.
If you want the syslogd daemon to use a configuration file other than the default, you must specify the file name with the following com-
mand: # syslogd -f config_file
Daily Log Files
You can specify in the /etc/syslog.conf file that the syslogd daemon create daily log files. To create daily log files, use the following
syntax to specify the path name of the message destination: /var/adm/syslog.dated/ { file} The file variable specifies the name of the log
file, for example, mail.log or kern.log. If you specify a /var/adm/syslog.dated/file path name destination, each day the syslogd daemon
creates a sub-directory under the /var/adm/syslog.dated directory and a log file in the sub-directory, using the following syntax:
/var/adm/syslog.dated/ date / file Where: The date variable specifies the day, month, and time that the log file was created. The file
variable specifies the name of the log file you previously specified in the /etc/syslog.conf file. The syslogd daemon automatically cre-
ates a new date directory every 24 hours and also when you boot the system. The current directory is a link to the latest date directory.
To get the latest logs, you only need to reference the /var/adm/syslog.dated/current directory.
EXAMPLES
The following is a sample /etc/syslog.conf file: # # syslogd config file # # facilities: kern user mail daemon auth syslog lpr binary #
priorities: emerg alert crit err warning notice info debug # kern.debug /var/adm/syslog.dated/kern.log user.debug /var/adm/sys-
log.dated/user.log daemon.debug /var/adm/syslog.dated/daemon.log auth.crit;syslog.debug /var/adm/syslog.dated/syslog.log mail,lpr.debug
/var/adm/syslog.dated/misc.log msgbuf.err /var/adm/crash.dated/msgbuf.savecore kern.debug /var/adm/messages kern.debug /dev/console *.emerg
*
FILES
/etc/syslog.conf
/etc/syslog.auth - Authorization file for remote logging.
/usr/include/sys/syslog_pri.h - Common components of a syslog event log record.
RELATED INFORMATION
Commands: /usr/sbin/syslogd(8), /usr/sbin/binlogd(8)
System Administration delim off
syslog.conf(4)