06-05-2015
The syslog is usually configured by either /etc/syslog.conf or /etc/rsyslog.conf depending on your version (which I don't have, so cannot check).
Be aware that the files usually need to exist when the syslog daemon (re-)reads the config file.
What do you have configured? Are you wanting to actively log messages (use logger and the syslog daemon) or are you wanting to track activities automatically (user audit daemon)? I've had real trouble with auditing flooding the server, so I've never persisted.
Robin
LEARN ABOUT OSF1
syslog.conf
syslog.conf(4) Kernel Interfaces Manual syslog.conf(4)
NAME
syslog.conf - syslogd configuration file
SYNOPSIS
facility.severity destination

Where:

facility
    Is part of the system generating the message, specified in /usr/include/sys/syslog_pri.h. See also the syslogd(8) reference page.

severity
    The severity level, which can be emerg, alert, crit, err, warning, notice, info, or debug. See /usr/include/sys/syslog_pri.h.

    The syslogd daemon logs all messages of the specified severity level plus all messages of greater severity. For example, if you specify level err, all messages of levels err, crit, alert, and emerg or panic are logged.

destination
    A local file pathname to a log file, a host name for remote logging or a list of users. In the latter case the users will receive messages when they are logged in. An asterisk (*) causes a message to be sent to all users who are currently logged in.
DESCRIPTION
The /etc/syslog.conf file is a system file that enables you to configure or filter events that are to be logged by syslogd. You can specify
more than one facility and its severity level by separating them with semicolons.
You can specify that more than one facility logs to the same file by separating the facilities with commas, as shown in the EXAMPLES section.
The syslogd daemon ignores blank lines and lines that begin with an octothorpe (#). You can specify # as the first character in a line to
include comments in the file or to disable an entry. The facility and severity level are separated from the destination by one or more tab
characters.
If you want the syslogd daemon to use a configuration file other than the default, you must specify the file name with the following command:

    # syslogd -f config_file
Daily Log Files
You can specify in the /etc/syslog.conf file that the syslogd daemon create daily log files. To create daily log files, use the following syntax to specify the path name of the message destination:

    /var/adm/syslog.dated/file

The file variable specifies the name of the log file, for example, mail.log or kern.log. If you specify a /var/adm/syslog.dated/file path name destination, each day the syslogd daemon creates a sub-directory under the /var/adm/syslog.dated directory and a log file in the sub-directory, using the following syntax:

    /var/adm/syslog.dated/date/file

Where:

    The date variable specifies the day, month, and time that the log file was created.

    The file variable specifies the name of the log file you previously specified in the /etc/syslog.conf file.

The syslogd daemon automatically creates a new date directory every 24 hours and also when you boot the system. The current directory is a link to the latest date directory. To get the latest logs, you only need to reference the /var/adm/syslog.dated/current directory.
EXAMPLES
The following is a sample /etc/syslog.conf file:

    #
    # syslogd config file
    #
    # facilities: kern user mail daemon auth syslog lpr binary
    # priorities: emerg alert crit err warning notice info debug
    #
    kern.debug	/var/adm/syslog.dated/kern.log
    user.debug	/var/adm/syslog.dated/user.log
    daemon.debug	/var/adm/syslog.dated/daemon.log
    auth.crit;syslog.debug	/var/adm/syslog.dated/syslog.log
    mail,lpr.debug	/var/adm/syslog.dated/misc.log
    msgbuf.err	/var/adm/crash.dated/msgbuf.savecore
    kern.debug	/var/adm/messages
    kern.debug	/dev/console
    *.emerg	*
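
The selector rules described in this reference page (semicolons, commas, the tab separator, severity-or-greater matching), as an added example that is not part of the original man page or of syslogd: a small Python parser that flags malformed lines and reports where a given message would be sent. The sample input is constructed from the page's sample file, and treating `*` as "any facility" is an assumption inferred from the `*.emerg` entry.

```python
import re

# Severity names listed on the page, least to most severe ("panic" aliases emerg).
SEVERITIES = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]
RANK = {name: rank for rank, name in enumerate(SEVERITIES)}
RANK["panic"] = RANK["emerg"]

# Constructed sample: page entries plus a broken line 7 (space instead of a tab).
SAMPLE = (
    "# syslogd config file\n"
    "kern.debug\t/var/adm/syslog.dated/kern.log\n"
    "auth.crit;syslog.debug\t/var/adm/syslog.dated/syslog.log\n"
    "mail,lpr.debug\t/var/adm/syslog.dated/misc.log\n"
    "kern.debug\t/dev/console\n"
    "*.emerg\t*\n"
    "user.debug /var/adm/syslog.dated/user.log\n"
)


def parse_conf(text):
    """Return (rules, problems); a rule is (lineno, [(facilities, severity)], destination)."""
    rules, problems = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue  # blank lines and lines beginning with '#' are ignored
        parts = re.split(r"\t+", line.strip(), maxsplit=1)
        if len(parts) != 2:
            problems.append((lineno, "no tab between selector and destination"))
            continue
        selectors = []
        for selector in parts[0].split(";"):  # ';' separates facility.severity pairs
            facilities, dot, severity = selector.rpartition(".")
            if not dot or severity not in RANK:
                problems.append((lineno, "bad selector " + repr(selector)))
                break
            selectors.append((facilities.split(","), severity))  # ',' shares one severity
        else:
            rules.append((lineno, selectors, parts[1].strip()))
    return rules, problems


def destinations_for(rules, facility, severity):
    """List destinations for a message; a rule matches its severity and anything greater."""
    return [
        destination
        for _lineno, selectors, destination in rules
        if any((facility in facs or "*" in facs) and RANK[severity] >= RANK[sev]
               for facs, sev in selectors)  # assumption: '*' means any facility
    ]
```

With the sample above, `destinations_for(rules, "auth", "err")` returns an empty list because the `auth.crit` rule only matches crit and above, and `user` messages go nowhere because line 7 is rejected for its missing tab.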
FILES
/etc/syslog.conf
/etc/syslog.auth - Authorization file for remote logging.
/usr/include/sys/syslog_pri.h - Common components of a syslog event log record.
RELATED INFORMATION
Commands: /usr/sbin/syslogd(8), /usr/sbin/binlogd(8)
System Administration