[NTLUG:Discuss] Alternate Location For Packet Log

[George Lass]

I don't have any specific info concerning packet logging, but I had a
similar problem with xntpd.  I wanted it to log to its own file rather
than /var/log/messages.  Here is what I did....

First of all I was dealing with a source distribution so I found all
of the occurances of calls to syslog.  For the most part the logging
facility was LOG_LOCAL0.  With this info in hand, I added the following
line to /etc/syslog.conf:

local0.*                    /var/log/xntpd_log

Then I added a file (I called it xntpd) to /etc/logrotate.d to rotate
my log files each day, and keep 1 week of "backups":

/var/log/xntpd_log {
       rotate 7
       nocompress
       daily
       postrotate
            /usr/bin/killall -HUP syslogd
       endscript
}

In your case the trick will be trying to figure out what "facility" your
packet logger is using....

Hope this helps,

George









Jason Ferguson wrote:
> 
> Having finally gotten a "good" (read: non-USB) DSL modem, Im planning on
> setting up my home network this weekend (been so long Im a few kernel
> versions behind... the horror!)
> 
> However, here's a question I asked my last LUG (before I moved) and never
> got an answer I really liked:
> 
> - Is it possible to direct entries from packet logging to somewhere besides
> the normal syslog?
> 
> The reason I ask this: when something goes wrong on my system, I like to be
> able to type dmesg and see what hardware was detected at startup.  If the
> packet responses are too plentiful, the system info is gone.
> 
> I just want a nice, clean log file filled with JUST the packet info. Any
> suggestions?
> 
> Jason
> 
> _______________________________________________
> http://www.ntlug.org/mailman/listinfo/discuss