[1931] in RedHat Linux List
Syslog Problems
daemon@ATHENA.MIT.EDU (Niel Balsino)
Wed Oct 30 19:39:38 1996
Date: Wed, 30 Oct 1996 17:39:42 -0700
From: Niel Balsino <nbalsino@moltech.com>
To: redhat-list@redhat.com
CC: dodson@moltech.com
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
Hi,
I am unable to get a Cisco external network device to automatically
generate system event and security messages to log files via syslog.
This is a Cisco Pix Firewall, and according to Cisco, it will log
messages to a Unix host. Cisco will only provide technical support up
to the point of making sure that their firewall is correctly pointing to
the Unix loghost, which they have verified that my firewall is correctly
doing. I am running Linux Red Hat 3.03 on an 83 Mhz Pentium Overdrive
CPU, Adaptec 1542 SCSI card, 2.0 GB HD, with 64MB RAM. I have consulted
the man pages for syslog.conf and syslogd, but cannot get syslog to
receive messages from the firewall. As a test with Cisco, I captured
the firewall messages using their Win95 syslog utility, so I know the
firewall is generating system messages correctly.
Here's the Unix commands entered per Cisco's instructions:
# mkdir /var/log/pix
# touch /var/log/pix/system
# touch /var/log/pix/resource
# touch /var/log/pix/security
# touch /var/log/pix/acct
And here are the selector and action pairs for /etc/syslog.conf:
# Security violations
local4.crit /var/log/pix/security
# Resource Depletion
local5.err /var/log/pix/resource
# Boot/login messages
local6.notice /var/log/pix/system
# Accounting Information
local7.info /var/log/pix/acct
No matter how I integrate the above lines into /etc/syslog.conf or vary
their order, syslog does not receive any messages from the Cisco
firewall. Of course, I send a hang up-HUP signal to the syslog pid
after making changes to the /etc/syslog.conf file, but it is all to no
avail.
Any help or suggestions to the Linux uniqueness of how its version
of syslog and syslog.conf work will be greatly appreciated. Thanks!
Regards, Niel Balsino
--
Niel Balsino Moltech Corporation
Computer Systems Administrator 9000 S. Rita Rd., Bldg. #061
nbalsino@moltech.com (520) 799-7594 Tucson, AZ 85747-9108
========================================================================
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
________________________________________________________________________
http://www.redhat.com/RedHat-FAQ http://www.redhat.com/RedHat-Errata
http://www.redhat.com/RedHat-Tips http://www.redhat.com/mailing-lists
------------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe redhat-list-request@redhat.com < /dev/null
