Can you post your syslog.conf ? Your messages should only go where you tell them (ah... of course...). I leave some info on both the local and remote, just in case... I think you could probably filter the udp port /traffic that syslog uses, if you need to make sure only authorized hosts write to your syslog machine. In my world (again), I kind of deicided that log server is for everyone -- I have a huge disk and run some monitors on the logs to be kept aware of file sizes, etc. -gary ----- Original Message ----- From: "skop ganu" <skopat_private> To: <loganalysisat_private> Sent: Monday, November 26, 2001 7:51 PM Subject: [logs] syslogd - parallel logging hi all, thanks for all the reply :) sorry for not trying it earlier anyway still have some problem as this ; on the server when i specify in /etc/syslog.conf ; local3.info @client-one-file , still the messages goes parallel to /var/log/messages and /var/log/client-one-file. anyway is there any 'security precaution' should syslogd be ? with my experiment anyone could easily point their machine to my log server (in /etc/syslog.conf ; local3.info @192.168.0.1) so my server would received it and /var/log/messages would be fill with it. -skop ___________________________________________________________________________ Visit http://www.visto.com. Find out how companies are linking mobile users to the enterprise with Visto. --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Tue Nov 27 2001 - 04:44:52 PST