This is an old revision of the document!
[hostX:~] # rcsdiff /usr/local/etc/clamd.conf 14c14 < LogFile /var/log/clamav/clamd.log --- > # LogFile /var/log/clamav/clamd.log 43c43 < #LogSyslog yes --- > LogSyslog yes 48c48 < #LogFacility LOG_MAIL --- > LogFacility LOG_LOCAL6 [hostX:~] # /usr/local/etc/rc.d/clamav-clamd reload
man syslog.conf
[hostX:~] # shutdown -p 17:30 [hostX:~] # logger -t clamd -p kern.emerg 'Kernel Panic' [hostX:~] # cat syslog.conf ... local6.* /var/log/clamd.log ... [hostX:~] # touch /var/log/clamd.log [hostX:~] # /etc/rc.d/syslogd reload [hostX:~] # clamdscan virus.zip
[hostX:~] # cat /etc/newsyslog.conf ... /var/log/clamd.log 600 7 10 * J [hostX:~] # cat logger.sh while : do logger -t clamd -p local7.info "Message 1" logger -t clamd -p local7.info "Message 2" done [hostX:~] # sh logger.sh ... <Ctrl>-C [hostX:~] # tail -f /var/log/clamd.log ... <Ctrl>-C [hostX:~] # newsyslog [hostX:~] # ls -l /var/log/clamd.log*
[hostX:~] # cat /etc/rc.conf ... syslogd_flags="-a 192.168.X.0/24"
Сокращенная форма 192.168.X/24 не распознается!
[hostX:~] # /etc/rc.d/syslogd restart
[gate:~] # cat /etc/syslog.conf *.* @hostX ... [gate:~] # /etc/rc.d/syslogd restart
[hostX:~] # cat syslog.sh #!/bin/sh while read m do if expr "$m" : '.*login.*' > /dev/null then echo $m | mail -s login root fi done [hostX:~] # chmod +x syslog.sh [hostX:~] # cat /etc/syslog.conf ... auth.* | /root/syslog.sh ...