LinuxQuestions.org
Old 11-15-2005, 12:27 AM   #1
komo
LQ Newbie
 
Registered: Jul 2005
Location: Yk, INA
Distribution: Slackware
Posts: 3

Rep: Reputation: 0
Question grep in syslog.conf


I wonder, is it possible to use grep in the /etc/syslog.conf file like this:
kern.=info | grep IPTABLES -/var/log/iptables

If it's not possible, is there some way around to do the task, to log ONLY the kernel info that includes the "IPTABLES" string???

Any help will be much appreciated. Thanks.
 
Old 11-15-2005, 03:27 PM   #2
Que_273
Member
 
Registered: Nov 2005
Location: South coast
Distribution: Debian /AMD64
Posts: 48

Rep: Reputation: 15
I've wanted the same thing for a bit. I've heard that the syslog-ng (next generation) daemon has regex capabilities, enabling you to sort messages by content, but I haven't set anything up yet. I might post an example setup if I get one working.

Hoping this helps to put you on the right path...
 
Old 11-16-2005, 04:56 AM   #3
Que_273
Member
 
Registered: Nov 2005
Location: South coast
Distribution: Debian /AMD64
Posts: 48

Rep: Reputation: 15
It's actually very simple to set up.
The default configuration is set up to be the same as (the old) syslog and these are the extra rules I added.
Code:
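# File that receives the matching messages
destination df_iptables { file("/var/log/iptables"); };

# Select messages whose text contains the string IPTABLES
filter f_iptables { match(".*IPTABLES.*"); };

# s_all must already be defined as a source in syslog-ng.conf
log {
  source(s_all);
  filter(f_iptables);
  destination(df_iptables);
  # final: later log statements do not process messages matched here
  flags(final);
};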
This last rule needs to be put BEFORE the "syslog" one as the "final" flag prevents the iptables logs going into syslog. Useful if you have a lot of them.
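
The ordering effect described in the post above, as an added example that is not part of the original thread: a simplified Python model (not syslog-ng itself) of log paths evaluated in configuration order, with `final` stopping later paths for a matched message. The `/var/log/syslog` catch-all path, the stricter `f_iptables_kern` filter and the sample messages are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

def route(messages, log_paths):
    """Deliver each message to every matching path, in configuration order.
    A matching path marked final stops evaluation for that message."""
    files = defaultdict(list)
    for msg in messages:
        for path in log_paths:
            if path["filter"](msg):
                files[path["dest"]].append(msg["text"])
                if path["final"]:
                    break
    return dict(files)

def f_iptables(msg):
    # Content-only match, as in the thread's f_iptables filter.
    return re.search(r"IPTABLES", msg["text"]) is not None

def f_iptables_kern(msg):
    # Hypothetical stricter variant: kernel facility AND the content match,
    # closer to the kern.=info selector in the original question.
    return msg["facility"] == "kern" and f_iptables(msg)

def f_all(msg):
    return True

def make_paths(iptables_filter, iptables_first):
    ipt = {"filter": iptables_filter, "dest": "/var/log/iptables", "final": True}
    # Assumed catch-all path standing in for the default "syslog" rule.
    sysl = {"filter": f_all, "dest": "/var/log/syslog", "final": False}
    return [ipt, sysl] if iptables_first else [sysl, ipt]

# Constructed sample messages (not real log output).
SAMPLE = [
    {"facility": "kern", "text": "IPTABLES DROP: IN=eth0 SRC=192.0.2.10 DPT=23"},
    {"facility": "kern", "text": "eth0: link up"},
    {"facility": "user", "text": "note: IPTABLES rules reloaded"},
]

if __name__ == "__main__":
    cases = [("iptables rule first", f_iptables, True),
             ("iptables rule last", f_iptables, False),
             ("kern-only filter first", f_iptables_kern, True)]
    for label, flt, first in cases:
        print(label)
        for dest, lines in sorted(route(SAMPLE, make_paths(flt, first)).items()):
            print(f"  {dest}: {len(lines)} message(s)")
```

With the content-only filter, the user-facility message that merely mentions IPTABLES is also diverted to `/var/log/iptables`; the kern-restricted variant leaves it in the catch-all file.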
 
  

