Quote:
Originally Posted by sag47
rsyslog is the system logging utility. You generally don't want to disable logging on a server. Otherwise you'll be flying blind and could be hacked or attacked but not even know it because you have logging disabled.
|
Thanks. I started looking at system logs and found a huge amount of data in three of them. I am going to set up a cron to empty them at least daily. This grabbed back about 10MB. The logs I looked at are (the ones indented were the worst):
> cat /dev/null > /var/log/auth.log
cat /dev/null > /var/log/syslog
cat /dev/null > /var/log/daemon.log
cat /dev/null > /var/log/kern.log
cat /dev/null > /var/log/lpr.log
> cat /dev/null > /var/log/mail.log
cat /dev/null > /var/log/user.log
> cat /dev/null > /var/log/mail.info
> cat /dev/null > /var/log/mail.warn
cat /dev/null > /var/log/mail.err
cat /dev/null > /var/log/news/news.crit
cat /dev/null > /var/log/news/news.err
cat /dev/null > /var/log/news/news.notice