[Fwd: [Mimedefang] Log Question]
Jeff Grossman
jeff at stikman.com
Wed Oct 31 11:00:31 EDT 2007
>> I have been doing a lot of research trying to figure out this
>> problem.
>
>> I have not been able to figure out the whole check process thing
>> yet.
>
>> But, I have figured out that md_graphdefang_log is logging to the
>> mail
>> facility where md_syslog logs to some other facility which goes to my
>> /var/log/messages file.
>
> The attached perl script might help you confirm that syslog.conf is
> configure as needed/expected. The script understands the way levels and
> facilities work in syslog.conf, and will show you a complete listing of
> what
> facilities, at each, will go to what logs. Pipe the output to "pg" or to
> a
> file, to review your syslog.con configuration.
>
> Ken
Ken,
Thank you very much for that file. But, I am a bit confused. Here is the
output of the syslogconf file:
root at apple /temp # ./syslogconf
Report for apple:/etc/syslog.conf
Event: auth.alert Action: /var/log/messages
Event: auth.crit Action: /var/log/messages
Event: auth.debug Action: no action
Event: auth.emerg Action: /var/log/messages
Event: auth.err Action: /var/log/messages
Event: auth.info Action: /var/log/messages
Event: auth.notice Action: /var/log/messages
Event: auth.warning Action: /var/log/messages
Event: authpriv.emerg Action: , /var/log/messages, /var/log/secure
Event: cron.alert Action: no action
Event: cron.crit Action: no action
Event: cron.debug Action: no action
Event: cron.emerg Action: no action
Event: cron.err Action: no action
Event: cron.info Action: no action
Event: cron.notice Action: no action
Event: cron.warning Action: no action
Event: daemon.alert Action: /var/log/messages
Event: daemon.crit Action: /var/log/messages
Event: daemon.debug Action: no action
Event: daemon.emerg Action: /var/log/messages
Event: daemon.err Action: /var/log/messages
Event: daemon.info Action: /var/log/messages
Event: daemon.notice Action: /var/log/messages
Event: daemon.warning Action: /var/log/messages
Event: kern.alert Action: /var/log/messages
Event: kern.crit Action: /var/log/messages
Event: kern.debug Action: no action
Event: kern.emerg Action: /var/log/messages
Event: kern.err Action: /var/log/messages
Event: kern.info Action: /var/log/messages
Event: kern.notice Action: /var/log/messages
Event: kern.warning Action: /var/log/messages
Event: local0.alert Action: /var/log/messages
Event: local0.crit Action: /var/log/messages
Event: local0.debug Action: no action
Event: local0.emerg Action: /var/log/messages
Event: local0.err Action: /var/log/messages
Event: local0.info Action: /var/log/messages
Event: local0.notice Action: /var/log/messages
Event: local0.warning Action: /var/log/messages
Event: local1.alert Action: /var/log/messages
Event: local1.crit Action: /var/log/messages
Event: local1.debug Action: no action
Event: local1.emerg Action: /var/log/messages
Event: local1.err Action: /var/log/messages
Event: local1.info Action: /var/log/messages
Event: local1.notice Action: /var/log/messages
Event: local1.warning Action: /var/log/messages
Event: local2.alert Action: /var/log/messages
Event: local2.crit Action: /var/log/messages
Event: local2.debug Action: no action
Event: local2.emerg Action: /var/log/messages
Event: local2.err Action: /var/log/messages
Event: local2.info Action: /var/log/messages
Event: local2.notice Action: /var/log/messages
Event: local2.warning Action: /var/log/messages
Event: local3.alert Action: /var/log/messages
Event: local3.crit Action: /var/log/messages
Event: local3.debug Action: no action
Event: local3.emerg Action: /var/log/messages
Event: local3.err Action: /var/log/messages
Event: local3.info Action: /var/log/messages
Event: local3.notice Action: /var/log/messages
Event: local3.warning Action: /var/log/messages
Event: local4.alert Action: /var/log/messages
Event: local4.crit Action: /var/log/messages
Event: local4.debug Action: no action
Event: local4.emerg Action: /var/log/messages
Event: local4.err Action: /var/log/messages
Event: local4.info Action: /var/log/messages
Event: local4.notice Action: /var/log/messages
Event: local4.warning Action: /var/log/messages
Event: local5.alert Action: /var/log/messages
Event: local5.crit Action: /var/log/messages
Event: local5.debug Action: no action
Event: local5.emerg Action: /var/log/messages
Event: local5.err Action: /var/log/messages
Event: local5.info Action: /var/log/messages
Event: local5.notice Action: /var/log/messages
Event: local5.warning Action: /var/log/messages
Event: local6.alert Action: /var/log/messages
Event: local6.crit Action: /var/log/messages
Event: local6.debug Action: no action
Event: local6.emerg Action: /var/log/messages
Event: local6.err Action: /var/log/messages
Event: local6.info Action: /var/log/messages
Event: local6.notice Action: /var/log/messages
Event: local6.warning Action: /var/log/messages
Event: local7.alert Action: /var/log/messages
Event: local7.crit Action: /var/log/messages
Event: local7.debug Action: no action
Event: local7.emerg Action: /var/log/messages
Event: local7.err Action: /var/log/messages
Event: local7.info Action: /var/log/messages
Event: local7.notice Action: /var/log/messages
Event: local7.warning Action: /var/log/messages
Event: lpr.alert Action: /var/log/messages
Event: lpr.crit Action: /var/log/messages
Event: lpr.debug Action: no action
Event: lpr.emerg Action: /var/log/messages
Event: lpr.err Action: /var/log/messages
Event: lpr.info Action: /var/log/messages
Event: lpr.notice Action: /var/log/messages
Event: lpr.warning Action: /var/log/messages
Event: mail.alert Action: no action
Event: mail.crit Action: no action
Event: mail.debug Action: no action
Event: mail.emerg Action: no action
Event: mail.err Action: no action
Event: mail.info Action: no action
Event: mail.notice Action: no action
Event: mail.warning Action: no action
Event: mark.alert Action: no action
Event: mark.crit Action: no action
Event: mark.debug Action: no action
Event: mark.emerg Action: no action
Event: mark.err Action: no action
Event: mark.info Action: no action
Event: mark.notice Action: no action
Event: mark.warning Action: no action
Event: news.alert Action: no action
Event: news.crit Action: no action
Event: news.debug Action: no action
Event: news.emerg Action: /var/log/news
Event: news.err Action: no action
Event: news.info Action: no action
Event: news.notice Action: no action
Event: news.warning Action: no action
Event: user.alert Action: /var/log/messages
Event: user.crit Action: /var/log/messages
Event: user.debug Action: no action
Event: user.emerg Action: /var/log/messages
Event: user.err Action: /var/log/messages
Event: user.info Action: /var/log/messages
Event: user.notice Action: /var/log/messages
Event: user.warning Action: /var/log/messages
Event: uucp.alert Action: /var/log/messages
Event: uucp.crit Action: /var/log/messages
Event: uucp.debug Action: no action
Event: uucp.emerg Action: /var/log/messages
Event: uucp.err Action: /var/log/messages
Event: uucp.info Action: /var/log/messages
Event: uucp.notice Action: /var/log/messages
Event: uucp.warning Action: /var/log/messages
And, here is my syslog.conf file:
# /etc/syslog.conf Configuration file for syslogd.
#
# For more information see syslog.conf(5)
# manpage.
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
#*.info;cron.none;mail.none;news.none;authpriv.none /var/log/messages
*.info;cron.none;mail.none;news.none;authpriv.none /var/log/messages
(END)
# The authpriv file has restricted access.
#authpriv.* /var/log/secure
authpriv.* /var/log/secure
# Log all the mail messages in one place.
mail.* /var/log/maillog
# Log cron stuff
cron.* /var/log/cron
# Everybody gets emergency messages, plus log them on another
# machine.
*.emerg *
# Save boot messages also to boot.log
local7.* /var/log/boot
# Log all news items
news.* /var/log/news
# Log all mail notices
#mail.notice /var/log/mailerror
So, mail.* should be going to /var/log/maillog. But according to the
syslogconf script, it is not going anywhere, which probably defaults to
messages. But, all of my mail facility logs from Sendmail are going to
/var/log/maillog, just not MIMEDefang.
Any ideas?
Thanks,
Jeff
More information about the MIMEDefang
mailing list