
Syslog + Large File Support

TyrantCow Registered User regular
edited January 2009 in Help / Advice Forum
A bit of a 2-parter, some noobie Linux admin stuff...

I have my firewall dumping logs to an Ubuntu machine via syslog. I got syslog set up and accepting the logs, and that's great. I configured syslog to save all the logs coming from the firewall to a separate log file, SSG140.log.

Right now, I'm logging... a lot, everything the firewall touches. I want to get a good feel for the traffic, and develop the appropriate rule-set before I quit logging the uninteresting traffic. Logs are getting big fast.

So, the questions:
Can I configure syslog to log just to the desired log (SSG140.log), rather than logging to /var/log/syslog, /var/log/messages, and /var/log/SSG140.log? I really don't want all that firewall traffic mucking up those other logs, but it seems to be some sort of default configuration.

How do I tell Ubuntu to let me create files larger than 2GB? Right now as soon as the logs hit 1.99999GB they just stop, nothing more gets logged for the day, until logrotate does its thing and compresses the previous day.
