The best way to achieve this, in my opinion, is something along these lines:
The extra trick is the flags(final) part, which tells syslog-ng that if a message ends up routed to that logpath, it will not arrive at the others. Without this, a message will end up on all logpaths that do not filter it out.
Hope that helps!
Hi,
thanks a lot for this ... it works for the "publickey" messages - they'll be filtered out,
but unfortunately the syslog status messages will not be forwarded to the log server.
Do you have an idea why not?
LEARN ABOUT OSF1
syslog.conf
syslog.conf(4) Kernel Interfaces Manual syslog.conf(4)
NAME
syslog.conf - syslogd configuration file
SYNOPSIS
facility.severity destination
Where:
facility
    Is part of the system generating the message, specified in /usr/include/sys/syslog_pri.h. See also the syslogd(8) reference page.
severity
    The severity level, which can be emerg, alert, crit, err, warning, notice, info, or debug. See /usr/include/sys/syslog_pri.h.
    The syslogd daemon logs all messages of the specified severity level plus all messages of greater severity. For example, if you specify level err, all messages of levels err, crit, alert, and emerg or panic are logged.
destination
    A local file pathname to a log file, a host name for remote logging or a list of users. In the latter case the users will receive messages when they are logged in. An asterisk (*) causes a message to be sent to all users who are currently logged in.
DESCRIPTION
The /etc/syslog.conf file is a system file that enables you to configure or filter events that are to be logged by syslogd. You can specify
more than one facility and its severity level by separating them with semicolons.
You can specify that more than one facility logs to the same file by separating the facilities with commas, as shown in the EXAMPLES section.
The syslogd daemon ignores blank lines and lines that begin with an octothorpe (#). You can specify # as the first character in a line to
include comments in the file or to disable an entry. The facility and severity level are separated from the destination by one or more tab
characters.
If you want the syslogd daemon to use a configuration file other than the default, you must specify the file name with the following command:
    # syslogd -f config_file
Daily Log Files
You can specify in the /etc/syslog.conf file that the syslogd daemon create daily log files. To create daily log files, use the following syntax to specify the path name of the message destination:
    /var/adm/syslog.dated/file
The file variable specifies the name of the log file, for example, mail.log or kern.log. If you specify a /var/adm/syslog.dated/file path name destination, each day the syslogd daemon creates a sub-directory under the /var/adm/syslog.dated directory and a log file in the sub-directory, using the following syntax:
    /var/adm/syslog.dated/date/file
Where:
The date variable specifies the day, month, and time that the log file was created.
The file variable specifies the name of the log file you previously specified in the /etc/syslog.conf file.
The syslogd daemon automatically creates a new date directory every 24 hours and also when you boot the system. The current directory is a link to the latest date directory. To get the latest logs, you only need to reference the /var/adm/syslog.dated/current directory.
EXAMPLES
The following is a sample /etc/syslog.conf file:
    #
    # syslogd config file
    #
    # facilities: kern user mail daemon auth syslog lpr binary
    # priorities: emerg alert crit err warning notice info debug
    #
    kern.debug	/var/adm/syslog.dated/kern.log
    user.debug	/var/adm/syslog.dated/user.log
    daemon.debug	/var/adm/syslog.dated/daemon.log
    auth.crit;syslog.debug	/var/adm/syslog.dated/syslog.log
    mail,lpr.debug	/var/adm/syslog.dated/misc.log
    msgbuf.err	/var/adm/crash.dated/msgbuf.savecore
    kern.debug	/var/adm/messages
    kern.debug	/dev/console
    *.emerg	*
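The selector rules described above (semicolon-separated selectors, comma-separated facilities, "this severity and greater", tab before the destination) can be checked mechanically when auditing what a configuration actually records. The following Python sketch is an added example, not part of the reference page or of syslogd; the function names are hypothetical, and treating "*" in the facility position as "any facility" is an assumption drawn from the sample's `*.emerg` line.

```python
import re

# Severity names from the reference page, least to most severe.
SEVERITIES = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]
RANK = {name: i for i, name in enumerate(SEVERITIES)}
RANK["panic"] = RANK["emerg"]  # the page lists "emerg or panic" as one level

# Constructed input: the rules of the EXAMPLES section, tab-separated.
SAMPLE_CONF = "\n".join([
    "# syslogd config file",
    "kern.debug\t/var/adm/syslog.dated/kern.log",
    "user.debug\t/var/adm/syslog.dated/user.log",
    "daemon.debug\t/var/adm/syslog.dated/daemon.log",
    "auth.crit;syslog.debug\t/var/adm/syslog.dated/syslog.log",
    "mail,lpr.debug\t/var/adm/syslog.dated/misc.log",
    "msgbuf.err\t/var/adm/crash.dated/msgbuf.savecore",
    "kern.debug\t/var/adm/messages",
    "kern.debug\t/dev/console",
    "*.emerg\t*",
])

def parse_conf(text):
    """Return [(selectors, destination)]; selectors is [(facility, min_rank)]."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comment lines are ignored
        if "\t" not in line:
            raise ValueError(f"line {lineno}: no tab before the destination")
        selector_field, dest = re.split(r"\t+", line, maxsplit=1)
        selectors = []
        for part in selector_field.split(";"):
            facilities, _, severity = part.rpartition(".")
            if not facilities or severity not in RANK:
                raise ValueError(f"line {lineno}: bad selector {part!r}")
            selectors += [(f, RANK[severity]) for f in facilities.split(",")]
        rules.append((selectors, dest.strip()))
    return rules

def destinations(rules, facility, severity):
    """Destinations that receive a message of this facility and severity."""
    rank = RANK[severity]
    return [dest for sels, dest in rules
            if any(f in (facility, "*") and rank >= low for f, low in sels)]

def unlogged(rules, facility):
    """Severities of a facility that match no rule at all (an audit gap)."""
    return [s for s in SEVERITIES if not destinations(rules, facility, s)]
```

Run against the sample file, `unlogged(parse_conf(SAMPLE_CONF), "auth")` returns every level below crit, which shows that the `auth.crit` selector leaves lower-severity auth messages unrecorded.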
FILES
/etc/syslog.conf
/etc/syslog.auth - Authorization file for remote logging.
/usr/include/sys/syslog_pri.h - Common components of a syslog event log record.
RELATED INFORMATION
Commands: /usr/sbin/syslogd(8), /usr/sbin/binlogd(8)
System Administration