Hi Everyone
I have been asking myself for quite some time why there was so much
redundancy in the content of /var/log files in a LEAF distro.
A typical example is when your ports are being scanned, that is when your
iptables messages start increasing. You will find them in:
1/ kernel.log
2/ syslog
3/ messages
and your /var/log will get big, big,...
Which all boils down to the structure of /etc/syslog.conf which is attached
at the end of this message (this is the one used in Bering but leasily copied
from the one in Dachstein).
Has anyone some ideas about the "optimal" way to set this up? I'll welcome
any feedback on this issue.
Jacques
#
# First some standard logfiles. Log by facility.
#
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
#cron.* /var/log/cron.log
#lpr.* -/var/log/lpr.log
#mail.* /var/log/mail.log
#user.* -/var/log/user.log
#uucp.* -/var/log/uucp.log
#
# Some `catch-all' logfiles.
#
*.=debug;\
auth,authpriv.none;\
news.none;mail.none -/var/log/debug
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -/var/log/messages
#
# Emergencies are sent to everybody logged in.
#
*.emerg *
#ppp
local2.* -/var/log/ppp.log
#portslave
local6.* -/var/log/pslave.log
firewall: -root-
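
The following is an added example, not part of the original message: a simplified Python model of sysklogd-style selector matching, run over the active rules of the syslog.conf above to show which files one message lands in. It assumes iptables LOG entries arrive as kern.warn (the LOG target's default level); the function names are made up for this sketch.

```python
# Added example: simplified model of sysklogd-style selector matching.
PRIS = ["emerg", "alert", "crit", "err", "warn", "notice", "info", "debug"]
ALIASES = {"warning": "warn", "error": "err", "panic": "emerg"}

# Active (uncommented) rules from the syslog.conf in the message.
RULES = [
    ("auth,authpriv.*", "/var/log/auth.log"),
    ("*.*;auth,authpriv.none", "-/var/log/syslog"),
    ("daemon.*", "-/var/log/daemon.log"),
    ("kern.*", "-/var/log/kern.log"),
    ("*.=debug;auth,authpriv.none;news.none;mail.none", "-/var/log/debug"),
    ("*.=info;*.=notice;*.=warn;auth,authpriv.none;"
     "cron,daemon.none;mail,news.none", "-/var/log/messages"),
    ("*.emerg", "*"),
    ("local2.*", "-/var/log/ppp.log"),
    ("local6.*", "-/var/log/pslave.log"),
]

def selector_matches(selector, facility, priority):
    """Apply ';'-separated terms left to right; later terms override earlier."""
    level = PRIS.index(ALIASES.get(priority, priority))
    mask = set()  # priority indexes currently enabled for this facility
    for term in selector.split(";"):
        facs, _, pri = term.strip().rpartition(".")
        if facs != "*" and facility not in facs.split(","):
            continue  # term does not mention this facility
        negate = pri.startswith("!")
        pri = pri.lstrip("!")
        exact = pri.startswith("=")
        pri = ALIASES.get(pri.lstrip("="), pri.lstrip("="))
        if pri == "none":            # "none" clears every priority
            bits, negate = set(range(8)), not negate
        elif pri == "*":             # "*" enables every priority
            bits = set(range(8))
        elif exact:                  # "=pri" means that priority only
            bits = {PRIS.index(pri)}
        else:                        # plain "pri" means pri and more severe
            bits = set(range(PRIS.index(pri) + 1))
        mask = mask - bits if negate else mask | bits
    return level in mask

def destinations(facility, priority, rules=RULES):
    """Return every action whose selector accepts the message."""
    return [action.lstrip("-") for sel, action in rules
            if selector_matches(sel, facility, priority)]

if __name__ == "__main__":
    for fac, pri in [("kern", "warn"), ("daemon", "info"), ("auth", "info")]:
        print(f"{fac}.{pri} ->", destinations(fac, pri))
```

The three copies of a kern.warn message come from the `*.*` catch-all (syslog), the `kern.*` facility rule (kern.log) and the `*.=warn` term of the messages rule, which excludes cron, daemon, mail and news but not kern.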