logging errors [ was: logrotate problem resolved]

[Duston, Hal]

Brian,

Syslogd is doing it.  Basically, you need to look into syslog.conf,
and see where you want to send them.  Then you mark them so 
that syslogd will send them to the correct place.  Yes, you 
can use numbers, but I am not sure exactly where to look them up.
man syslogd and man syslog.conf may be of some assistance there.

Hal

Brian Densmore [mailto:DensmoreB at ctbsonline.com] wrote:
> Hal,
> 
>  Thanks. Do I need to use the name DEBUG or will an integer 
> like 2 work?
> I think I have a log-level of two set on some of the rules. 
> 
> Why is it echoing to the screen? Actually it echoes to any screen I
> switch to. Logged in or not. It's like a wall broadcast or something,
> right? Any way to disable that? These are daemon messages as far as
> syslog is concerned, right?
> 
> Thanks again,
> Brian
> 
> 
> 
> Duston, Hal [mailto:hdusto01 at sprintspectrum.com] wrote:
> > Brian Densmore [mailto:DensmoreB at ctbsonline.com] wrote:
> > > Let me restate my problem. My -=firewall=- is  logging 
> > > unauthorized attempts to access services/ports, and in 
> > > addition to putting the entry in the log file, it is 
> > > also echoing that record to the screen. The messages 
> > > echoed to the screen are being created by iptables. 
> > > I know this because they have my log-prefix string 
> > > attached. The question is how do I tell 
> > > iptables/syslogd/klogd/kernel to not echo udp
> > > messages to the screen?
> > > 
> > > My rules state 
> > > iptables -A INPUT --blahblah -j LOG --log-prefix "FWALL: INPUT "
> > > iptables -A OUTPUT --blahblah -j LOG --log-prefix "FWALL: OUTPUT "
> > > iptables -A INPUT --blahblah -j DROP
> > > iptables -A INPUT --blahblah -j DROP
> > > 
> > > Brian
> > 
> > Add "--log-level debug" or whatever is appropriate
> > as gleaned from /etc/syslog.conf
> > 
> > Hal