Sma11T0wnITGuy
2008-12-11 14:35:06 UTC
I'm an OpenBSD noob.
I'm setting up an OpenBSD Syslog Server. It will be the only device plugged
into a particular switchport off its own VLAN on a switchcard in a Router.
I'm running OpenBSD 4.3 with all applicable patches.
The Syslog Server will not resolve any names, just accept log entries from
the router, so I'd like to specify the -n option and the -u option.
I've read the man pages for syslogd and syslog.conf, but I can't figure out
how to get the daemon to start with the desired options. I must be missing
or misunderstanding something in the man pages, or looking in the wrong
places. Can someone help me define the startup options for syslogd, and
tell me where to do so?
Here's my syslog.conf file:
# cat /etc/syslog.conf
# $OpenBSD: syslog.conf,v 1.17 2005/05/25 07:35:38 david Exp $
#
*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none /var/log/messages
kern.debug;syslog,user.info /var/log/messages
auth.info /var/log/authlog
authpriv.debug /var/log/secure
cron.info /var/cron/log
daemon.info /var/log/daemon
ftp.info /var/log/xferlog
lpr.debug /var/log/lpd-errs
mail.info /var/log/maillog
#uucp.info /var/log/uucp
# Uncomment this line to send "important" messages to the system
# console: be aware that this could create lots of output.
#*.err;auth.notice;authpriv.none;kern.debug;mail.crit /dev/console
# Uncomment this to have all messages of notice level and higher
# as well as all authentication messages sent to root.
*.notice;auth.debug root
# Everyone gets emergency messages.
*.emerg *
# Uncomment to log to a central host named "loghost". You need to run
# syslogd with the -u option on the remote host if you are using this.
# (This is also required to log info from things like routers and
# ISDN-equipment). If you run -u, you are vulnerable to syslog bombing,
# and should consider blocking external syslog packets.
#*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none @loghost
#auth,daemon,syslog,user.info;authpriv,kern.debug @loghost
# Uncomment to log messages from sudo(8) and chat(8) to their own
# respective log files. Matches are done based on the program name.
# Program-specific logs:
!sudo
*.* /var/log/sudo
!chat
*.* /var/log/chat
# This line added to accept log files from Router
*.* /var/log/router
#
I'm setting up an OpenBSD Syslog Server. It will be the only device plugged
into a particular switchport off its own VLAN on a switchcard in a Router.
I'm running OpenBSD 4.3 with all applicable patches.
The Syslog Server will not resolve any names, just accept log entries from
the router, so I'd like to specify the -n option and the -u option.
I've read the man pages for syslogd and syslog.conf, but I can't figure out
how to get the daemon to start with the desired options. I must be missing
or misunderstanding something in the man pages, or looking in the wrong
places. Can someone help me define the startup options for syslogd, and
tell me where to do so?
Here's my syslog.conf file:
# cat /etc/syslog.conf
# $OpenBSD: syslog.conf,v 1.17 2005/05/25 07:35:38 david Exp $
#
*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none /var/log/messages
kern.debug;syslog,user.info /var/log/messages
auth.info /var/log/authlog
authpriv.debug /var/log/secure
cron.info /var/cron/log
daemon.info /var/log/daemon
ftp.info /var/log/xferlog
lpr.debug /var/log/lpd-errs
mail.info /var/log/maillog
#uucp.info /var/log/uucp
# Uncomment this line to send "important" messages to the system
# console: be aware that this could create lots of output.
#*.err;auth.notice;authpriv.none;kern.debug;mail.crit /dev/console
# Uncomment this to have all messages of notice level and higher
# as well as all authentication messages sent to root.
*.notice;auth.debug root
# Everyone gets emergency messages.
*.emerg *
# Uncomment to log to a central host named "loghost". You need to run
# syslogd with the -u option on the remote host if you are using this.
# (This is also required to log info from things like routers and
# ISDN-equipment). If you run -u, you are vulnerable to syslog bombing,
# and should consider blocking external syslog packets.
#*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none @loghost
#auth,daemon,syslog,user.info;authpriv,kern.debug @loghost
# Uncomment to log messages from sudo(8) and chat(8) to their own
# respective log files. Matches are done based on the program name.
# Program-specific logs:
!sudo
*.* /var/log/sudo
!chat
*.* /var/log/chat
# This line added to accept log files from Router
*.* /var/log/router
#
--
View this message in context: http://www.nabble.com/How-to-start-Syslogd-with--u-and--n-options-tp20956554p20956554.html
Sent from the openbsd user - misc mailing list archive at Nabble.com.
View this message in context: http://www.nabble.com/How-to-start-Syslogd-with--u-and--n-options-tp20956554p20956554.html
Sent from the openbsd user - misc mailing list archive at Nabble.com.