Im not able to see some log messages in solaris syslog, which I can see in my Linux box. What do I have to configure?
asked Dec 20 '10 at 12:59
SSH KB ♦
Some Tectia log messages, such as the 'Auth_method_success' audit message, are configured by default as facility=auth and severity=informational (auth.info). These messages will display in Linux and other *nix o/s syslogs by default, but not in Solaris syslogs.
By default, Solaris comes configured to discard auth.info messages. In order to have these messages display in your syslogs, you must modify the /etc/syslog.conf to make sure syslogd is capturing auth.info messages instead of discarding them.<
This is an example; your syslog.conf configuration may vary depending on your environment and specific logging needs:
Be sure to restart syslogd after changing the config, making sure the /var/adm/messages file does exist before restarting the daemon ('touch /var/adm/messages' if necessary). Please consult your Solaris syslog.conf man page for further details on configuring syslogd.
answered Dec 20 '10 at 13:06
SSH KB ♦