[Fwd: [Mimedefang] Log Question]

Jeff Grossman jeff at stikman.com
Wed Oct 31 11:00:31 EDT 2007


>> I have been doing a lot of research trying to figure out this
>> problem.
>
>> I have not been able to figure out the whole check process thing
>> yet.
>
>> But, I have figured out that md_graphdefang_log is logging to the
>> mail
>> facility where md_syslog logs to some other facility which goes to my
>> /var/log/messages file.
>
> The attached perl script might help you confirm that syslog.conf is
> configure as needed/expected.  The script understands the way levels and
> facilities work in syslog.conf, and will show you a complete listing of
> what
> facilities, at each, will go to what logs.  Pipe the output to "pg" or to
> a
> file, to review your syslog.con configuration.
>
> Ken


Ken,
Thank you very much for that file.  But, I am a bit confused.  Here is the
output of the syslogconf file:

root at apple /temp # ./syslogconf
                Report for apple:/etc/syslog.conf

Event:  auth.alert              Action:  /var/log/messages
Event:  auth.crit               Action:  /var/log/messages
Event:  auth.debug              Action:  no action
Event:  auth.emerg              Action:  /var/log/messages
Event:  auth.err                Action:  /var/log/messages
Event:  auth.info               Action:  /var/log/messages
Event:  auth.notice             Action:  /var/log/messages
Event:  auth.warning            Action:  /var/log/messages
Event:  authpriv.emerg          Action:  , /var/log/messages, /var/log/secure
Event:  cron.alert              Action:  no action
Event:  cron.crit               Action:  no action
Event:  cron.debug              Action:  no action
Event:  cron.emerg              Action:  no action
Event:  cron.err                Action:  no action
Event:  cron.info               Action:  no action
Event:  cron.notice             Action:  no action
Event:  cron.warning            Action:  no action
Event:  daemon.alert            Action:  /var/log/messages
Event:  daemon.crit             Action:  /var/log/messages
Event:  daemon.debug            Action:  no action
Event:  daemon.emerg            Action:  /var/log/messages
Event:  daemon.err              Action:  /var/log/messages
Event:  daemon.info             Action:  /var/log/messages
Event:  daemon.notice           Action:  /var/log/messages
Event:  daemon.warning          Action:  /var/log/messages
Event:  kern.alert              Action:  /var/log/messages
Event:  kern.crit               Action:  /var/log/messages
Event:  kern.debug              Action:  no action
Event:  kern.emerg              Action:  /var/log/messages
Event:  kern.err                Action:  /var/log/messages
Event:  kern.info               Action:  /var/log/messages
Event:  kern.notice             Action:  /var/log/messages
Event:  kern.warning            Action:  /var/log/messages
Event:  local0.alert            Action:  /var/log/messages
Event:  local0.crit             Action:  /var/log/messages
Event:  local0.debug            Action:  no action
Event:  local0.emerg            Action:  /var/log/messages
Event:  local0.err              Action:  /var/log/messages
Event:  local0.info             Action:  /var/log/messages
Event:  local0.notice           Action:  /var/log/messages
Event:  local0.warning          Action:  /var/log/messages
Event:  local1.alert            Action:  /var/log/messages
Event:  local1.crit             Action:  /var/log/messages
Event:  local1.debug            Action:  no action
Event:  local1.emerg            Action:  /var/log/messages
Event:  local1.err              Action:  /var/log/messages
Event:  local1.info             Action:  /var/log/messages
Event:  local1.notice           Action:  /var/log/messages
Event:  local1.warning          Action:  /var/log/messages
Event:  local2.alert            Action:  /var/log/messages
Event:  local2.crit             Action:  /var/log/messages
Event:  local2.debug            Action:  no action
Event:  local2.emerg            Action:  /var/log/messages
Event:  local2.err              Action:  /var/log/messages
Event:  local2.info             Action:  /var/log/messages
Event:  local2.notice           Action:  /var/log/messages
Event:  local2.warning          Action:  /var/log/messages
Event:  local3.alert            Action:  /var/log/messages
Event:  local3.crit             Action:  /var/log/messages
Event:  local3.debug            Action:  no action
Event:  local3.emerg            Action:  /var/log/messages
Event:  local3.err              Action:  /var/log/messages
Event:  local3.info             Action:  /var/log/messages
Event:  local3.notice           Action:  /var/log/messages
Event:  local3.warning          Action:  /var/log/messages
Event:  local4.alert            Action:  /var/log/messages
Event:  local4.crit             Action:  /var/log/messages
Event:  local4.debug            Action:  no action
Event:  local4.emerg            Action:  /var/log/messages
Event:  local4.err              Action:  /var/log/messages
Event:  local4.info             Action:  /var/log/messages
Event:  local4.notice           Action:  /var/log/messages
Event:  local4.warning          Action:  /var/log/messages
Event:  local5.alert            Action:  /var/log/messages
Event:  local5.crit             Action:  /var/log/messages
Event:  local5.debug            Action:  no action
Event:  local5.emerg            Action:  /var/log/messages
Event:  local5.err              Action:  /var/log/messages
Event:  local5.info             Action:  /var/log/messages
Event:  local5.notice           Action:  /var/log/messages
Event:  local5.warning          Action:  /var/log/messages
Event:  local6.alert            Action:  /var/log/messages
Event:  local6.crit             Action:  /var/log/messages
Event:  local6.debug            Action:  no action
Event:  local6.emerg            Action:  /var/log/messages
Event:  local6.err              Action:  /var/log/messages
Event:  local6.info             Action:  /var/log/messages
Event:  local6.notice           Action:  /var/log/messages
Event:  local6.warning          Action:  /var/log/messages
Event:  local7.alert            Action:  /var/log/messages
Event:  local7.crit             Action:  /var/log/messages
Event:  local7.debug            Action:  no action
Event:  local7.emerg            Action:  /var/log/messages
Event:  local7.err              Action:  /var/log/messages
Event:  local7.info             Action:  /var/log/messages
Event:  local7.notice           Action:  /var/log/messages
Event:  local7.warning          Action:  /var/log/messages
Event:  lpr.alert               Action:  /var/log/messages
Event:  lpr.crit                Action:  /var/log/messages
Event:  lpr.debug               Action:  no action
Event:  lpr.emerg               Action:  /var/log/messages
Event:  lpr.err                 Action:  /var/log/messages
Event:  lpr.info                Action:  /var/log/messages
Event:  lpr.notice              Action:  /var/log/messages
Event:  lpr.warning             Action:  /var/log/messages
Event:  mail.alert              Action:  no action
Event:  mail.crit               Action:  no action
Event:  mail.debug              Action:  no action
Event:  mail.emerg              Action:  no action
Event:  mail.err                Action:  no action
Event:  mail.info               Action:  no action
Event:  mail.notice             Action:  no action
Event:  mail.warning            Action:  no action
Event:  mark.alert              Action:  no action
Event:  mark.crit               Action:  no action
Event:  mark.debug              Action:  no action
Event:  mark.emerg              Action:  no action
Event:  mark.err                Action:  no action
Event:  mark.info               Action:  no action
Event:  mark.notice             Action:  no action
Event:  mark.warning            Action:  no action
Event:  news.alert              Action:  no action
Event:  news.crit               Action:  no action
Event:  news.debug              Action:  no action
Event:  news.emerg              Action:  /var/log/news
Event:  news.err                Action:  no action
Event:  news.info               Action:  no action
Event:  news.notice             Action:  no action
Event:  news.warning            Action:  no action
Event:  user.alert              Action:  /var/log/messages
Event:  user.crit               Action:  /var/log/messages
Event:  user.debug              Action:  no action
Event:  user.emerg              Action:  /var/log/messages
Event:  user.err                Action:  /var/log/messages
Event:  user.info               Action:  /var/log/messages
Event:  user.notice             Action:  /var/log/messages
Event:  user.warning            Action:  /var/log/messages
Event:  uucp.alert              Action:  /var/log/messages
Event:  uucp.crit               Action:  /var/log/messages
Event:  uucp.debug              Action:  no action
Event:  uucp.emerg              Action:  /var/log/messages
Event:  uucp.err                Action:  /var/log/messages
Event:  uucp.info               Action:  /var/log/messages
Event:  uucp.notice             Action:  /var/log/messages
Event:  uucp.warning            Action:  /var/log/messages

And, here is my syslog.conf file:

#  /etc/syslog.conf     Configuration file for syslogd.
#
#                       For more information see syslog.conf(5)
#                       manpage.

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
#*.info;cron.none;mail.none;news.none;authpriv.none     /var/log/messages
*.info;cron.none;mail.none;news.none;authpriv.none      /var/log/messages
(END)

# The authpriv file has restricted access.
#authpriv.*                                              /var/log/secure
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  /var/log/maillog

# Log cron stuff
cron.*                                                  /var/log/cron

# Everybody gets emergency messages, plus log them on another
# machine.
*.emerg                                                 *

# Save boot messages also to boot.log
local7.*                                                /var/log/boot

#  Log all news items
news.*                                                  /var/log/news

#  Log all mail notices
#mail.notice                                            /var/log/mailerror


So, mail.* should be going to /var/log/maillog.  But according to the
syslogconf script, it is not going anywhere, which probably defaults to
messages.  But, all of my mail facility logs from Sendmail are going to
/var/log/maillog, just not MIMEDefang.

Any ideas?

Thanks,
Jeff




More information about the MIMEDefang mailing list