Ping a Specific Port

Question

Thermionix

Asked: 2012-01-30 16:34:42 +0800 CST2012-01-30 16:34:42 +0800 CST 2012-01-30 16:34:42 +0800 CST

snoopy rsyslog output file rule

772

I'm just setting up snoopy logger on my personal machine to archive commands I've run.

I'm attempting to setup an rsyslog rule to move its messages from /var/log/auth.log to /var/log/snoopy.log

I've tried a few different rsyslog rules to move the output, but after resetting the rsyslog service it's still logging to auth.log

~$ cat /etc/rsyslog.d/snoopy.conf

#if $programname == 'snoopy' then /var/log/snoopy.log
#& ~
:programname, isequal, "snoopy" /var/log/snoopy.log

Could it be that the rule in /etc/rsyslog.d/50-default.conf

auth,authpriv.* /var/log/auth.log

Is overriding any rule I specify?

1 Answers

Voted

Thermionix · Answer 1 · 2012-02-05T18:28:31+08:00

Best Answer

Thermionix

2012-02-05T18:28:31+08:002012-02-05T18:28:31+08:00

I renamed the file such that it was loaded earlier than the auth rule, and added & ~ to stop messages that match this rule being used in other rules.

~$ cat /etc/rsyslog.d/10-snoopy.conf

:programname, isequal, "snoopy" /var/log/snoopy.log
& ~

1

snoopy rsyslog output file rule

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?