login about faq

Im not able to see some log messages in solaris syslog, which I can see in my Linux box. What do I have to configure?

asked Dec 20 '10 at 12:59

SSH%20KB's gravatar image

SSH KB ♦
509249246237


Some Tectia log messages, such as the 'Auth_method_success' audit message, are configured by default as facility=auth and severity=informational (auth.info). These messages will display in Linux and other *nix o/s syslogs by default, but not in Solaris syslogs.

By default, Solaris comes configured to discard auth.info messages. In order to have these messages display in your syslogs, you must modify the /etc/syslog.conf to make sure syslogd is capturing auth.info messages instead of discarding them.<

This is an example; your syslog.conf configuration may vary depending on your environment and specific logging needs:

*.err;kern.debug;daemon.notice;mail.crit;auth.info /var/adm/messages

Be sure to restart syslogd after changing the config, making sure the /var/adm/messages file does exist before restarting the daemon ('touch /var/adm/messages' if necessary). Please consult your Solaris syslog.conf man page for further details on configuring syslogd.

link

answered Dec 20 '10 at 13:06

SSH%20KB's gravatar image

SSH KB ♦
509249246237

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×1

Asked: Dec 20 '10 at 12:59

Seen: 1,399 times

Last updated: Mar 14 '11 at 20:22

Related questions

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.