[ale] F10, rsyslog, and incoming remote logs

Mills John M-NPHW64 Jmills at motorola.com
Tue Jul 14 12:18:52 EDT 2009


Recap: I need to capture and collect remote syslogd messages sent to my F10 system which runs 'rsyslogd'.

Jim, ALErs -

Thanks for the note. I made some headway but still have a question about '/etc/rsyslogd.conf'.

1. My total failure to receive messages from remote senders was apparently a domain partitioning issue on our network. I moved to different sub-domain and now I copy.

2. The UDP/port 514 server seems to be started properly with:
...
# Provides UDP syslog reception
$ModLoad imudp.so
$UDPServerRun 514
...

3. I successfully write the incoming traffic to a particular file with:
...
# Save external messages to ext_src.log
:fromhost-ip, startswith, "10."                         /var/log/ext_src.log
...

(I don't really need any IP filtering except that the message originated externally, but this is fine for the moment.)

QUESTION: How can I _stop_ the incoming traffic from remote servers from also appearing on '/var/log/messages'?

Thanks for any further guidance.

 - Mills

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/ms-tnef
Size: 3081 bytes
Desc: not available
Url : http://mail.ale.org/pipermail/ale/attachments/20090714/579b18a6/attachment.bin 


More information about the Ale mailing list