syslog configuration
William Muriithi
william.muriithi-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Mon Mar 16 21:41:24 UTC 2009
Redelmeier,
Thanks for your assistance. You helped by pointing a couple of point
that lead me in the proper direction. Like that syslog has only
limited facilities.
> | Added "snmpd.none" on the 7th line in syslog.conf file :
> | *.info;mail.none;authpriv.none;cron.none;snmpd.none /var/log/messages
> |
> | Then added this line at the end of the file
> |
> | local1.* -/var/log/snmpd.log
> |
> | Then restarted syslog. It came up, but complained it has no idea what snmpd meant. And nothing changed, snmp keep pushing crap on the message file.
>
Just in case it may assist someone else, here is how to go about it.
Create the file below
vi /etc/snmp/snmpd.options
And have the following as its content
OPTIONS=”-Ls 3 -Lf /dev/null -p /var/run/snmpd.pid -a”
Essentially, that tell snmp not send logs to a file called dev/null
and also log them through syslog facility local3
Restart snmpd
Then, do the following changes on syslog config file
vi /etc/syslog.conf
change this line:
.info;mail.none;authpriv.none;cron.none /var/log/messages
to
.info;mail.none;authpriv.none;cron.none;local3.none /var/log/messages
That is important to suppress snmp default behaviour. It insist on
logging as a daemon even after above change
Then add the following line some where at the bottom of the same file
local3.notice /var/log/snmpd.log
Save the changes on syslog.conf and restart syslog
It should work as now. This is redhat specific.
Regards,
William
> | No luck. I have also looked through the snmp manual and it found nothing helpful there.
>
> Read rsyslog.conf(5) (at least on my system, Fedora 10).
>
> The format of a selector is facility.priority. "snmpd" isn't a
> facility.
>
> The facility is one of the following keywords: auth, authpriv,
> cron, daemon, kern, lpr, mail, mark, news, security (same as
> auth), syslog, user, uucp and local0 through local7. The keyword
> security should not be used anymore and mark is only for internal
> use and therefore should not be used in applications. Anyway, you
> may want to specify and redirect these messages here. The
> facility specifies the subsystem that produced the message, i.e.
> all mail programs log with the mail facility (LOG_MAIL) if they
> log using syslog.
>
> That explains your error message. I don't remember at the moment how
> one is supposed to do what you want to do.
> --
> The Toronto Linux Users Group. Meetings: http://gtalug.org/
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
--
For a list of all the ways technology has failed to improve the
quality of life, please press three.
—Alice Kahn
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list