Re: [FW-1] Help with syslog stuff

[Gabriel Neagoe]

Title: Help with syslog stuff

Hello

 

the syslog configuration file is /etc/syslog.conf

 

the configuration lines are smth like "facility.severity    destination_file"

i don't know (has to be somewhere in the checkpoint documentation) what are the facility and severity that checkpoint uses, but after you find these you just have to add at the begining of /etc/syslog.conf

checkpoint_facility.checkpoint_severity        /var/log/checkpoint_log

and restart syslog

 

messages  printed on screen are directed to device file  /dev/console

 

-----------------------------------------------------------
Gabriel Neagoe
Networking solutions senior consultant
S&T Romania
Cisco Certified Networking Professional
Cisco Certified Design Associate
HP Openview Certified Consultant
Checkpoint Certified Security Expert
phone: +4021 233 27 00
fax: +4021 233 27 01
<http://www.snt.ro/>
-------------------------------------------------------------------

-----Original Message-----
From: Lenny Sanchez [mailto:[EMAIL PROTECTED]]
Sent: 17 October 2002 16:26
To: [EMAIL PROTECTED]
Subject: [FW-1] Help with syslog stuff

I'm getting this echoed to me at the command prompt:Oct 17 10:18:16 <firewall> [LOG_CRIT] kernel:   <a010a02,a1,a01060e,0,11;0,4000,0>  <0 : =0 22>

It was mentioned to me that it's the state tables syncing.  If I do a man syslog, I get no manual entry for syslog.  But,  if I cat the /var/log/messages file on one firewall, the data is being written to it.  The other firewall, it's not.  How can I make it so it echoes to a specific log file for both, and stops annoyingly echoing to the command line.  I tried to make changes to the properties, log and alerts tab, but not successful.

Thanks