Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'Enable remote logging (syslog) in 10.5' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Enable remote logging (syslog) in 10.5
Authored by: pediger on Apr 21, '09 12:43:54PM
Facility security (13), Severity info (6) so my guess that my D-Link router is naming its syslog facility "security" but it is still not writing to the router.log file even after editing the syslog.config to point security.* to /var/logs/router.log.
Try remoteauth.* instead of security.*. I recently had the same trouble routing my D-Link log to a Tiger machine. Rather than "security," Wireshark reports:

Facility: LOGAUDIT - log audit (13) and Level INFO - informational (6)

so like you I was trying logaudit.* and audit.*, etc.

If you look at /usr/include/sys/syslog.h you can see how the numbers (13 in this case) map into the facility text codes (remoteauth).

[ Reply to This | # ]