[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Setup syslog for firewall log message {Scanned}



Hi folks,

I'm trying to keep my /var/log/messages from getting cluttered w/ log messages from my firewall. So, I'm trying to setup in /etc/syslog.conf a different log to use for messages from my firewall. But, I can't figure out what I need to put in /etc/syslog.conf to acomplish this. Can anyone help?

Here is the firewall message which are now populating my /var/log/messages:

Jan 6 15:55:50 209.81.27.2 id=firewall sn=00B19C time="2005-01-06 15:55:57" fw=209.81.27.2 pri=6 c=1024 m=537 msg="Connection Closed" n=12370 src=209.81.27.2:4657:LAN dst=130.202.101.6:137:WAN proto=udp/netbios-ns sent=78

I want to move them to /var/log/firewall, so in my /etc/syslog.conf what do I need to put? I tried the following compinations and nothing worked:

#Firewall messages
firewall.*        /var/log/firewall
*.firewall       /var/log/firewall
id=firewall.*       /var/log/firewall
209.81.27.2.*       /var/log/firewall
*.209.81.27.2       /var/log/firewall

Thanks,

SW


-------------------------------------------------
       WPPi.com        |        WPPi.Net
-------------------------------------------------
 http://www.wppi.com   |  http://www.wppi.net
-------------------------------------------------
WPPi.com & WPPi.Net MailScanner Signature
This message has been scanned for viruses
and dangerous content by WPPi MailScanner,
and has been found to be clean.
-------------------------------------------------




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]