?
Solved

Configuring custom syslog facilities, Solaris 2.6

Posted on 2000-05-12
7
Medium Priority
?
707 Views
Last Modified: 2013-12-27
I am trying to create a custom facility and also trying to get the reserved local ones to work. My ultimate goal is to write apache access logs to this facilty and send them to another server.

I added this to syslog.conf

local0.info         /var/adm/web_access

and then used logger as follows:

logger -p local0.info "some mesg"

But this file never gets written too. I have restarted syslog (and even gone as far as rebooted the box)

I am trying to get syslog to write to this new file first, and then worry about routing it to another machine.

Any ideas?

Also, can a completely custom facility be created such as web.access as opposed to user.info for example?

Thanks,
Chuck

0
Comment
Question by:rhugga
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 

Expert Comment

by:etdey
ID: 2809455
Syslogd uses the M4 macro libraries. Thus, field delimeters are the TAB character. Are you putting a tab between the service filter (local0.info) and the log file name?
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 2818456
You can test the above by running syslog with the '-d' (debug) flag, which will cause it to print out what it thinks its rule base is.

Also, as for adding facilities, you can't do this unless you modify the source code to syslogd, logger, and syslog() on your system.  This is one of the biggest shortcomings of syslog (along with security concerns and the fact that the messaes are unformatted).  Like Brian Kernighan said (about X Windows) "Sometimes when you fill a vacuum it still sucks."
0
 
LVL 2

Expert Comment

by:ish
ID: 2851466
2 things:

#1:  the file /var/adm/web_access must exist, and must be writeable by your syslog.

#2: etdey is right, the TAB is the MOST IMPORTANT thing about this operation.    ONE SPACE in the line can hose your logging.

using vi on  the syslog.conf, try this

<esc>se list

this sill turn on SPECIAL CHARACTER LISTING, causing the TABS to all appear as ^I and carriage returns as $

here's an example of mine:
local7.notice^I^I^I/var/log/tcpd.log$    
local7.alert^I^I^I/var/log/tcpd-alert.log$

this causes my tcpd wrappers to log to a special set of files.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 5

Expert Comment

by:ianB
ID: 2855576
We have opened up a new Solaris Topic Area.  

To increase the visibility of questions, we moved questions we felt
appropriate to the new Solaris Topic Area where they will be easier for
Solaris experts to find and answer. You may view your question at
http://www.experts-exchange.com/Computers/Operating_Systems/Solaris/

If you have any questions about the new topic area you can contact
Community Support by posting a comment at the following URL or by
emailing us at cs@experts-exchange.com.
http://www.experts-exchange.com/Customer_Service/Experts_Exchange/

Ian
Community Support @ Experts Exchange
0
 
LVL 3

Expert Comment

by:darinw
ID: 2969966
Hi rhugga,

Please come back and update your thread. What is your status? Have the comments the Experts have made helped you?

darinw
Customer Service
0
 
LVL 2

Accepted Solution

by:
ish earned 400 total points
ID: 3074230
I already answered this question, not sure how it become unlocked again...

Received email:
Regarding rhugga's question in the Experts Exchange Solaris
topic area titled "Configuring custom syslog facilities, Solaris 2.6"...

Congratulations! You earned 300 quality points and a grade of 'B' for
answering rhugga's question! These points will be added to
your expert score in the Solaris topic area.

rhugga also left a comment along with their grade.
0
 
LVL 5

Expert Comment

by:ianB
ID: 3110595
Answer accepted
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
Why Shell Scripting? Shell scripting is a powerful method of accessing UNIX systems and it is very flexible. Shell scripts are required when we want to execute a sequence of commands in Unix flavored operating systems. “Shell” is the command line i…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question