Firewall and router separate logs
I would like to sort a syslog central server in my lan and i did not find on any of my books(they aren't that many ... )and google decent guides to syslog facilities expecially the local0. local7. and how i can direct a program to write to it.I have a debian sarge 3.1 2.6 and i have put a -r options in the /etc/init.d/sysklog to make him act on the net and get logs sent by the front-router i have choose a facility for the local2.* belonging to cisco.routers i have a netgear and it's /var/log/netgear.log but it stays empty.Separates logs for netfilter too i read somewhere to have separate netfilter logs i have to put this "kern.=debug /var/log/firewall" in /etc/syslog.conf and it stays empty asswell , please help !
Looks like you are on the right track. Below is a copy/paste from my syslog.conf file.
NOTE: local2.none in second part. This keeps local2 events from logging in both files.
Yes i'm getting the logs i need but i have a messy syslog.conf now.For firewall logs i'm using target ULOG and pointed logcheck to send me a ULOGD report.The router is seeing the syslog server and sends reports regulary.As i sayd i have a messy syslog.conf:
Which is the right firewal one?
|All times are GMT -5. The time now is 04:00 AM.|