Syslog to a Remote Server
I have an embedded firewall (running pfsense on a WRAP board) and am having the logs sent to a linux box. The events show up fine in /var/log/messages but I want to have them logged to their own dedicated file - /var/log/firewall.log. I am having problems with syslog and setting this up in syslog.conf. Anyone know how to do this correctly?
The logfiles look like this (IPs removed): May 6 01:10:28 firewall pf: 3. 290806 rule 51/0(match): block in on sis1: (tos 0x20, ttl 112, id 7126, offset 0, flags [none], proto: UDP (17), length: 1091) OUTSIDE_IP > INSIDE_IP: UDP, length 1063 Thanks! |
i'd suggest you ditch syslog and use syslog-ng instead, it makes a vastly better server when other machines use it too.
|
All times are GMT -5. The time now is 06:19 PM. |