You need to configure your syslogd to store the messages elsewhere.
You need to edit your /etc/syslog.conf configuration file.
All syslog messages are stamped with a {facility}.{prority} pair.
The messages you are filtering are of the facility type "kern". You
probably want "kern.info" for packet logs, but you may wish to redirect
all "kern.*" messages to another file.
Find the line that says /var/log/messages. Add "kern.none". This should
stop the above messages making it into the messages file.
Add a line to store the packet logs to another file:
kern.* /var/log/kernlog
Debian includes this by default.
You will also want to add this new logfile to your logrotate scripts so
this file doesn't grow out of control and eat all available disk space.
- Ian C. Blenke <icblenke@nks.net> <ian@blenke.com>
http://ian.blenke.com
On Wed, 2002-09-04 at 08:33, Larry Sanders wrote:
> I like the iptables loging function for rejected packets.
> Currently the log entries are appended to the file
> /var/log/messages which are 6 to 10 Mb when lots of
> probes are dropped.
> How do I direct these logs to another file??
> say /var/log/netdrop
> Where is this documented? I've read some but it seems
> to assume common knowledge about logging.
> TIA
> Larry :-)
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 18:36:33 EDT