On Thu, 29 Aug 2002, Allen Crawford wrote: > > local4.* /var/log/pix > > Eventually I found out that things were now being logged twice, once to my > pix file above and once to /var/log/messages. > > My problem/question is that I'd like to have the PIX logs in a separate > file, one that gets rotated daily at midnight. In addition to that, I'd like > it to append the date as the suffix of the log's filename, such as > pix20020815. I would also prefer that the logs were automatically deleted > after say, 3 months, but that is the least of my worries right now. We may > just stick with a manual deletion anyway. > > If anyone can give me details on this, or if anyone else has already set > this up for their PIX, I'd greatly appreciate some examples, either online > or offline. > > By the way, I'm running Red Hat 7.3 for this. Forget standard syslog, use syslog-ng[1]. You can use filter, external command and so on.. You can also use the syslog over TCP with syslog-ng and the PIX. [1]http://www.balabit.hu/en/downloads/syslog-ng/ -- Alexandre Dulaunoy -- http://www.foo.be/ 3B12 DCC2 82FA 2931 2F5B 709A 09E2 CD49 44E6 CBCD --- AD993-6BONE "People who fight may lose. People who not fight have already lost." Bertolt Brecht _______________________________________________ LogAnalysis mailing list LogAnalysisat_private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Thu Aug 29 2002 - 11:43:23 PDT