This is an old revision of the document!
man syslog.conf
# shutdown -p 17:30 # logger -t kernel -p kern.emerg 'Kernel Panic' # logger -t sendmail -p mail.info 'Message from sendmail'
# cat /etc/syslog.conf
... local6.* /var/log/clamd.log !ppp ...
# touch /var/log/clamd.log # /etc/rc.d/syslogd reload
[server:~] # cat /etc/rc.conf
... syslogd_flags="-a 192.168.X.0/24:*" ...
[server:~] # cat /etc/syslog.conf
... local0.* /var/log/cisco.log !ppp ...
[server:~] # touch /var/log/cisco.log [server:~] # /etc/rc.d/syslogd restart [server:~] # tail -f /var/log/cisco.log
[cisco:~] # cat /etc/syslog.conf
... *.* @server !ppp ...
[cisco:~] # /etc/rc.d/syslogd restart
# cat /etc/newsyslog.conf
... /var/log/clamd.log 600 7 10 * J /var/log/httpd-access.log 644 10 1000 * JC /var/run/httpd.pid 30 /var/log/httpd-error.log 644 10 1000 * JC /var/run/httpd.pid 30 /var/log/httpd-ssl_request.log 644 10 1000 * JC /var/run/httpd.pid 30
# cat logger.sh
while : do logger -t clamd -p local7.info "Message 1" logger -t clamd -p local7.info "Message 2" done
# sh logger.sh ... <Ctrl>-C # tail -f /var/log/clamd.log ... <Ctrl>-C # newsyslog # ls -l /var/log/clamd.log*
# cat syslog.sh
#!/bin/sh while read m do if expr "$m" : '.*login.*' > /dev/null then echo $m | mail -s login root fi done
# chmod +x syslog.sh # cat /etc/syslog.conf
... auth.* | /root/syslog.sh !ppp ...